Google has sent out a warning to web masters and developers that HTTP sites containing forms and other input fields will be marked Not Secure starting in October. Soon-after they will begin de-ranking non-secure sites in the search engine.
Google says its Chrome browser will mark HTTP websites with input fields (such as contact forms or those that require login details) as not secure, starting later this year.
The company gave advanced notice of this in late 2016, but has now taken the step of formally notifying any webmasters who will be affected as the change gets closer to implementation.
The notification stated, “Beginning in October 2017, Chrome will show the ‘Not secure’ warning in two additional situations: when users enter data on an HTTP page, and on all HTTP pages visited in Incognito mode.”
The message was sent to webmasters via Google Search Console to all registered developers, but affects just about everyone who owns a domain. Sites that are HTTP and have credit card fields or require passwords are already marked as not secure; a warning to potential customers that their info is at risk. Since its official post, Google stated that its efforts have already resulted in a 23% reduction in the “fractions of navigation to HTTP pages with passwords or credit card forms on desktop”.
When the new warning kicks in, HTTP sites will have a ‘Not Secure’ label displayed in the address bar as shown here.
Emily Schechter from the Google Chrome Security Team said more actions should be expected in future, remarking, “Eventually, we plan to show the “Not Secure” warning for all HTTP pages, even outside Incognito mode. We will publish updates as we approach future releases, but don’t wait to get started moving to HTTPS! HTTPS is easier and cheaper than ever before, and it enables both the best performance the web offers and powerful new features that are too sensitive for HTTP.”
If your site is currently a HTTP domain, you will need to migrate to HTTPs before October to avoid your web traffic being warned off visiting your site.
The original Chrome post can be found here: https://blog.chromium.org/2017/04/next-steps-toward-more-connection.html