Google Chrome is now shaming websites that don’t use HTTPS
The Google Chrome browser is now shaming websites that fail to adopt the secure data transfer protocol – HTTPS – to handle web traffic.
In Chrome 68, which is rolling out today, websites like The Daily Mail are being flagged as “Not Secure” in the URL bar, when users first browse to their pages. Those sites using HTTPS encryption already see the word “Secure” in green next to a padlock.
Sites like Sky Sports, Argos and the William Hill betting site are among the prominent sites yet to adopt the HTTPS standard and Google hopes this nudge will hasten adoption of the safer browsing protocol.
Previously, in Chrome 67, users would only see the “Not Secure” label when clicking the information button in the URL bar, which displayed the message “your connection to this site is not secure.” You can see the changes below.
Related: HTTPS: What ‘Not Secure’ means and why label is good for the web
The new label is designed to warn users and incentivise websites into updating to the secure platform due to the negative implications. The next step, in Chrome 69, will be to only highlight those that aren’t secure, making them appear like the exception rather than the rule.
An estimated 20% of the world’s top 500 websites are still using the less secure HTTP (via BBC), which does not encrypt data before it is transferred around the web. The UK’s National Cyber Security Centre is recommending that all websites adopt HTTPS, while the Let’s Encrypt website simplifies the process somewhat.
If you’re concerned about the lack of encryption on some websites, you can install the HTTPS Everywhere extension for the Chrome and Firefox browsers. Chrome 68 hasn’t yet reached us, but Google is promising to release the update today. This is one you might want to roll out as soon as possible.
Do you avoid websites that don’t offer encrypted browsing? Drop us a line @TrustedReviews on Twitter.