The SEM Post

Latest News About SEO, SEM, PPC & Search Engines

You are here: Home / Google / Password or Credit Card Fields on HTTP? Google Chrome Will Mark as Insecure in January 2017

Password or Credit Card Fields on HTTP? Google Chrome Will Mark as Insecure in January 2017

at PST By

password-credit-card-chrome-insecureGoogle has announced that Google Chrome will begin marking any page with a password or credit card field as insecure if the page is not on HTTPS.  The change is scheduled to go live in January 2017, when Chrome version 56 launches.

The biggest impact of this will likely be forums and other user generated content sites, many of which are still on HTTP.   This will also impact sites that have password fields via widgets, such as allowing a user to login via Facebook or Google.

It will only impact the specific pages with password or credit card fields.  So it will not flag the entire site as insecure.  I suspect many will be more conscious of where the logins are located on sites, since many insecure sites have login areas site-wide.

For site owners, this could have an impact on bounce rate and pages per session, as some visitors might feel more uncomfortable on some sites when Google is deliberately flagging it to show insecure.

Google also reiterates that they plan to eventually mark all non-HTTPS as not secure, although they haven’t yet given a timeline on when this will happen.

not-secure-chrome

This isn’t a surprise, and Google has actively talked about changes coming to Chrome to help make users more aware of when a site is insecure. Google has been pushing for sites to go HTTPS for a couple of years now, in a push to make the web more secure, and there is also an associated minor ranking boost for sites that to go HTTPS.

For those looking to switch their sites to HTTPS, there are free certificates available via Let’s Encrypt and they also have a help section within Google Search Console.

The following two tabs change content below.
My Twitter profileMy Facebook profileMy Google+ profileMy LinkedIn profile

Jennifer Slegg

Founder & Editor at The SEM Post
Jennifer Slegg is a longtime speaker and expert in search engine marketing, working in the industry for almost 20 years. When she isn't sitting at her desk writing and working, she can be found grabbing a latte at her local Starbucks or planning her next trip to Disneyland. She regularly speaks at Pubcon, SMX, State of Search, Brighton SEO and more, and has been presenting at conferences for over a decade.

Sign up for our newsletter


Comments

  1. “Google Chrome will begin marking any page with a password or credit card field as insecure if the page is not on HTTPS.”

    Duh…something like this should have happened long time ago. Not sure how this will impact website integrity and security in regards to Google policy of sending ‘feedback’ a.k.a. information back to them.

    As Russians like to say – паживьом павидим.