As of July 2018, Google Chrome is now marking all websites that don’t adopt HTTPS encryption as ‘not secure’. This isn’t a huge shock as Google has been pushing towards this goal for some time, but it does mark a significant change to how Chrome decides if a website is secure or not.
Last year, I wrote about the Chrome update that marked non–HTTPS pages with form fields as insecure. At the time, the browser would only label a site as ‘not secure’ if users were on a page that contained a form such as a username or password field. The latest update will display the notice for any site that doesn’t employ HTTPS encryption, irrespective of the page’s content.
What is HTTPS encryption?
In short, HTTPS encryption means that data transferred between a website and its server will be encrypted. That’s it. It basically helps to prevent hackers or other bad actors from reading data whilst it’s in transit.
Enabling HTTPS encryption on a site is as quick and inexpensive as it has ever been. Your site will need an SSL Certificate and then there are a few checks and changes that will need to be made for the site to display the ‘secure’ message in the browser bar. For a more detailed breakdown, read this brief explanation of SSL Certificates.
Getting your site ready for HTTPS
With all of the noise around the recent introduction of GDPR, it will have been easy to overlook this update from Google Chrome but it’s certainly worth paying attention to. For help with enabling HTTPS encryption on your site, get in touch.