Google marking sites not using HTTPS URLS as “Not Secure”

In February 2018, Google warned that sites that hadn’t adopted the HTTPS encryption would be marked as “not secure” with the release of Chrome 68 later in the year.

Their blog post showed their research on the progress that had been made by sites moving towards the more secure method.

“Developers have been transitioning their sites to HTTPS and making the web safer for everyone. Progress last year was incredible, and it’s continued since then:

• Over 68% of Chrome traffic on both Android and Windows is now protected
• Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
• 81 of the top 100 sites on the web use HTTPS by default”

New Warning

Now that the change has gone live, sites without encryption are now being shown as “Not Secure”.

This can potentially be concerning to visitors as they may be fearful about what this may mean about their interactions on the site that they are visiting.

Even if your website doesn’t ask for credit cards, PayPal, gmail login or other private information, visitors may be concerned that they may be vulnerable to exploits that might not be present on encrypted sites.

Outcome

Although there hasn’t been a recent change with the available internet protocols (HTTPS was invented in 1994), the increasing number of reported security breaches on various platforms over recent years has alerted the public to the vulnerabilities in today’s technology.

Online security scares, including a Facebook breach that according to ABC News affected “as many as 87 million users,” has seen a backlash, resulting in the widespread trending #DeleteFacebook.

Although it is unclear yet how many people have left Facebook, The Pew Research Centre has reported that over 54% of Americans have “adjusted their privacy settings in the past 12 months” and “around a quarter (26%) say they have deleted the Facebook app from their cellphone”.

In this current climate, the public’s heightened awareness of the threat of cyber crime suggests that these security warnings from Google are likely to hasten the demise of the unencrypted HTTP sites and accelerate adoption of the more secure HTTPS method.

Recommendation

It is strongly recommended to upgrade your website to HTTPS URLs to not only be secure but also to not be penalised by search engine algorithms.

In October 2018, Google stated “We’ll start showing a red “not secure” warning when users enter data on HTTP pages.”

This indicates that they are escalating their method of warning their users on the security of the sites that they are visiting.

Although there is no evidence that such decisions are being made just yet, the current direction of travel suggest that websites that aren’t encrypted are likely to have their ranking downgraded if they are not considered to be adequately secure.

All websites developed by Jeppstones use HTTPS. If you need help on how to make your site more secure by introducing encryption, please contact us here.

Jenny Dyke is the Digital Content Manager at Jeppstones

Follow Jenny on Twitter: @JennyJeppstones