What was once disregarded by agencies and web hosts before has now created some discussion by taking Google serious with their recent announcement on making web browsing more safe. As of January 2017, you might have noticed something in Google Chrome when navigating to your website. Chrome has now started to notify you that some HTTP websites are “not secure.”
At this time, when connecting via the Chrome browser there is a “neutral indicator” for HTTP links.
So what does this mean? Google has stated in their Security Blog, “This doesn’t reflect the true lack of security for HTTP connections.” With that being said, although Google states your site isn’t secure, technically it still is if you have the right methods in place but only to a degree. Any site can be vulnerable to hacks and certain sites require an SSL certification, especially when payments and private or confidential information is involved.
What Google is now stating is that if you do not have an SSL certificate you won’t be blocked from viewing these sites, but now you will be notified that connection may not be encrypted. Having a site that is encrypted is a REAL good thing. That way no pesky hacker can see anything you don’t want them to say keeping your online properties safe and sound.
Did you know that on an HTTP site, everything is wide open to the WWW?
Want complete peace of mind? Having HTTPS will stop hackers in their tracks.
To be honest, I dismissed this at first knowing the ins and outs of how web security works, but after Google’s recent announcement on how the sites will be penalized in search engines, that was a big red flag!
Know what that means? No one will even be able to find our sites as easily as they once could. Not good. It is important to know – moving to an HTTPS connection will not fully affect ranking but Google will give preference to sites with HTTPS over ones still at HTTP from what Google has stated in recent blog posts.
What should you be looking for?
Sites that handle sensitive information and are more secure will be labeled as HTTPS.
If you are typing in passwords and/or credit card information you will want to make sure they are HTTPS encrypted. If they are not then Chrome will let you know.
**Note: Instead of typing in sensitive information we recommend using LastPass. This is the best way to keep out hackers.
So am I using HTTPS? Here’s how you can find out.
- In the browser window there is a LOCK icon. This is usually at the bottom.
- The URL says “https://”
Many just overlook this. They plug in very important information and click send without even checking. Is that you? Well, you’re not alone.
It is noted that Chrome doesn’t want users to be overly “blind to warnings that occur too frequently.” However, the plan is to be more clear about labeling HTTP sites with more precision as non-secure.
This will be a gradual process. But a very important one so pay attention.
First: Chrome 56 will label HTTP pages as not secure where passwords and banking information is needed due to very personal information.
Next: Extended HTTP warnings will continue about not being secure while in Incognito mode.
Lastly: Chrome will, in the long run, tag all HTTP connections with a red triangle as non-secure pages.
Currently, there has been no mention of other browsers like FireFox, IE and Safari making the switch, but let’s assume since Google carries the flag in almost everything that the other browsers will soon follow suit as well.