Google Chrome Will Label All HTTP Not Secure

Google Chrome 68 Shames HTTP

Over the past couple of years, there has been a major move to make the web more secure. The chief advancement to improve security is the move to HTTP Secure. In recent times, most browser vendors started a major push to enforce HTTPS on all websites. Google has been doing its part with their wildly popular Chrome browser. Starting with Chrome 68, all HTTP sites will be labelled “Not Secure”.

The move to HTTPS is due to the lack of authentication in HTTP. Furthermore, HTTPS also secures the communications and furthers privacy. Google first started their HTTP crackdown with password forms. If an HTTP page had a password form, it would label the page Not Secure as a warning to users that their credentials aren’t secure. Starting July, Chrome 68 will extend this to all HTTP pages regardless of type. Despite inherent flaws, HTTPS is still better than HTTP.

Majority of Web Already HTTPS

Google has two goals with this initiative. The first is to educate users that HTTP is inherently insecure. The second is to shame website to move to HTTPS and provide users with greater privacy and security. The end goal is to have the entire web on HTTPS by default. Over 68% of Chrome traffic on Android and Windows is on HTTPS. The numbers are even better at 78% for Chrome OS and Mac.

Overall, the entire web is likely to end up on HTTPS. More than half of all web traffic is already HTTPS. Despite the good progress on the web, there is still a lot more work to be done. Only 81 of the top 100 sites are using HTTPS by default. This means there are still some major websites that still haven’t made the shift to HTTPS. Since these are the top sites, resources shouldn’t be an issue but progress is still slower than it should be. Overall though, Google is doing good work with Chrome recently to make deep improvements.