Google has announced that Google Chrome will begin marking any page with a password or credit card field as insecure if the page is not on HTTPS. The change is scheduled to go live in January 2017, when Chrome version 56 launches.
The biggest impact of this will likely be forums and other user generated content sites, many of which are still on HTTP. This will also impact sites that have password fields via widgets, such as allowing a user to login via Facebook or Google.
It will only impact the specific pages with password or credit card fields. So it will not flag the entire site as insecure. I suspect many will be more conscious of where the logins are located on sites, since many insecure sites have login areas site-wide.
For site owners, this could have an impact on bounce rate and pages per session, as some visitors might feel more uncomfortable on some sites when Google is deliberately flagging it to show insecure.
Google also reiterates that they plan to eventually mark all non-HTTPS as not secure, although they haven’t yet given a timeline on when this will happen.
This isn’t a surprise, and Google has actively talked about changes coming to Chrome to help make users more aware of when a site is insecure. Google has been pushing for sites to go HTTPS for a couple of years now, in a push to make the web more secure, and there is also an associated minor ranking boost for sites that to go HTTPS.
For those looking to switch their sites to HTTPS, there are free certificates available via Let’s Encrypt and they also have a help section within Google Search Console.
Jennifer Slegg
Latest posts by Jennifer Slegg (see all)
- 2022 Update for Google Quality Rater Guidelines – Big YMYL Updates - August 1, 2022
- Google Quality Rater Guidelines: The Low Quality 2021 Update - October 19, 2021
- Rethinking Affiliate Sites With Google’s Product Review Update - April 23, 2021
- New Google Quality Rater Guidelines, Update Adds Emphasis on Needs Met - October 16, 2020
- Google Updates Experiment Statistics for Quality Raters - October 6, 2020
Timmy Griffin says
“Google Chrome will begin marking any page with a password or credit card field as insecure if the page is not on HTTPS.”
Duh…something like this should have happened long time ago. Not sure how this will impact website integrity and security in regards to Google policy of sending ‘feedback’ a.k.a. information back to them.
As Russians like to say – паживьом павидим.
Jennifer Slegg says
It was always shown as insecure. This one is just much more noticeable to the average user.