Google has sent out a warning to domain owners, web masters, & developers that beginning July 1st, 2018 any website not secured by an SSL certificate will feature a popup screen that says “This Site Is Not Secure”. Soon-after Google will begin de-ranking non-secure sites in their search engine.
Google says its Chrome browser will mark HTTP websites with input fields (such as contact forms or those that require login details, taking payments, etc.) as not secure, starting July 1st.
The company gave advanced notice of this in late 2016, but has now taken the step of formally notifying any webmasters who will be affected as the change gets closer to implementation.
The notification stated, “Beginning in October 2017, Chrome will begin to show the ‘Not secure’ warning in two additional situations: when users enter data on an HTTP page, and on ALL http:// pages visited in Incognito mode.” **Update 6/22/18: This is now happening on every non-SSL’d site as of July 1st
The message was sent to webmasters via Google Search Console to all registered developers, but effects everyone who owns a domain. Sites that are HTTP and have credit card fields or require passwords are already marked as not secure; a warning to potential customers that their info is at risk. Since its official post, Google stated that its efforts have already resulted in a 23% reduction in the “fractions of navigation to HTTP pages with passwords or credit card forms on desktop”.
When the new warning kicks in, HTTP sites will have a ‘Not Secure’ label displayed in the address bar as shown here.
Emily Schechter from the Google Chrome Security Team said more actions should be expected in future, remarking, “Eventually, we plan to show the “Not Secure” warning for all HTTP pages, even outside Incognito mode. We will publish updates as we approach future releases, but don’t wait to get started moving to HTTPS! HTTPS is easier and cheaper than ever before, and it enables both the best performance the web offers and powerful new features that are too sensitive for HTTP.”
If your site is currently a HTTP domain, you will need to migrate to HTTPs before July 1st to avoid your web traffic being warned off visiting your site. If you need help in doing so, TBA Marketing offers SSL installation, whether you are hosting your website with us or not. Call 813-501-2932 or click contact us and submit a ticket.
The original Chrome post can be found here: https://blog.chromium.org/2017/04/next-steps-toward-more-connection.html