Google Chrome Security Warning for Non-HTTPS Sites
As forewarned by Google last year, Chrome now marks websites without HTTPS encryption as non-secure.
This means that if you require website users to input data such as credit card details or passwords on your site, it’s imperative that you protect them with an SSL certificate and migrate to HTTPS.
What is HTTPS?
HyperText Transfer Protocol Secure – or HTTPS – is a language used for passing information between clients and webservers. The ‘S’ addition to HTTP means that users will benefit from a secure connection whilst inputting private data.
With HTTP sites, there is a possibility that unauthorised parties could observe information being passed between your computer and the site in question.
If you’re entering sensitive information such as passwords and card details, then it’s vital it’s properly protected. An HTTPS connection provides this through the use of an SSL/TSL certificate.
The certificate encrypts any data being passed, protecting it from corruption during transfer. This is something that all users of your website have a right to expect. Google clearly thinks so, hence the move that’s been made via Chrome.
Hang On – I Want to Know More About An SSL Certificate
SSL stands for Secure Sockets Layer. It is used with HTTPS versions of websites for the encryption of sensitive data. When data is passed between a website and the user, the SSL connection is established before any information is sent.
The best way to think of the certificate is as the extra ‘S’ that turns an HTTP website into an HTTPS website.
What Message Does Chrome Display for Non-HTTPS Sites?
For any credit card or password-related field loaded on an HTTP site via Chrome, a red box with a ‘crossed’ padlock now appears. This comes coupled with a ‘Not secure’ message in the search bar.
This clearly shows users that the website they’re visiting can’t guarantee the safe passage of personal information. Any companies due to be affected by the change now only have more reason to ensure they move their site to HTTPS.