Google’s Chrome browser will soon flag every site that doesn’t use HTTPS encryption. Starting in July, with the launch of Chrome 68, Chrome will mark all HTTP sites as ‘not secure’ and prominently highlight this in its URL bar.
Over the course of the last few years, Google has strongly advocated for the use of HTTPS to help keep your browsing data safe from anybody who could be spying on your web traffic while it’s in transit between your browser and a server. With Chrome 62, Google already started marking all HTTP sites that had data entry fields as insecure and even back in 2016, it already started showing the same warning for all sites that asked for passwords and credit cards.
With this upcoming update, every HTTP site will be flagged as ‘not secure,’ whether it includes input fields or not.
Developers have clearly heard the call. Google notes that 81 of the top 100 sites on the web now use HTTPS by default and that 80 percent of Chrome traffic on both Chrome OS and Mac and 70 percent of traffic from Chrome on Windows is now protected. For Chrome traffic on Android, that number is 68 percent.
Still, this means that there are (and probably always will be) plenty of sites that haven’t made the move yet. Thanks to projects like Let’s Encrypt and others, it’s now easier than ever to enable HTTPS for virtually any site. Still, the process of enabling HTTPS for existing sites isn’t always trivial and chances are that some webmasters and developers will simply opt to keep things running as they are, no matter the warnings that Chrome will soon show their visitors.