Posted by Emily Schechter, Chrome Security Product Manager
For the past several years, Chrome has moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, they’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.
In Chrome 68, the omnibox will display “Not secure” for all HTTP pages.
Developers have been transitioning their sites to HTTPS and making the web safer for everyone. Progress last year was incredible, and it’s continued since then:
Over 68% of Chrome traffic on both Android and Windows is now protected
Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
81 of the top 100 sites on the web use HTTPS by default
Chrome’s new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default. HTTPS is easier and cheaper than ever before, and it unlocks both performance improvements and powerful new features that are too sensitive for HTTP.
(Original content posted at https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html)