Back in July 2018, Google started to marks all websites that do not have an SSL certificate as “Not Secure” in Chrome version 68, which means when you visits a website that start with only HTTP but not HTTPS, you’ll be seeing a “Not Secure” notification beside the URL bar.
As we all know, Chrome are the most commonly used web browsers in the world, it is being used by over 60% of people on the internet, this makes any updates on Google Chrome matter to all website owner.
Google claims that the warning helps user to understand that the site they’re on isn’t secure and, at the same time, motivates the site’s owner to improve the security of their site.
The updates in Chrome 68 is just a beginning of Google’s plans, in October, Google’s applies a new update to Chrome version 70, the “Not Secure” notifications now turns red when users are entering data on an HTTP page.
This makes the “Not Secure” warning more obvious than before. As a website owner, you certainly won’t like to see the website you’ve invested so much time and resources being labeled as “Not Secure.” It puts fear in users and raises their concerns about the non-secure nature of your site, causing negative impact on your built customer trust as well as site’s traffic.
In addition to Chrome, other major web browsers such as Firefox, Safari, IE, etc. are also working on plans to mark the “Not Secure” warning on HTTP sites more obvious in future updates.
Mozilla Firefox had already support two new browser preferences that highlight HTTP websites as “not secure” in the URL bar on Firefox 60 and newer versions, users can choose the preference they prefer to indicate the security of sites.
It is just a matter of time before Firefox apply the “Non-Secure” indicator preference to all users by mandatory, same as Chrome.
Moreover, in November 2011, Safari added a warning in the Smart Search field when loading non-secure pages to the Safari Technology Preview 70, a version of the web browser Apple uses to test technology.
This shows that Safari are now testing “Not Secure” warning for HTTP websites, and there is great possibility that this feature will be apply on future updates.
After all of these, more and more users started to aware the unsafety of a HTTP websites and the importance to surf with HTTPS websites. Users now prefer surfing websites that has a “Secure” label, as they can have less worries when entering sensitive data and making payment on the website.
It is hard to say that Chrome and these major web browsers won’t apply even more aggressive updates on HTTP sites in future. In conclusion, we are heading towards a future where HTTPS page encryption becomes a standard requirement for all web pages.
How to avoid the “Not Secure” warning
Fortunately, it doesn’t really cost much to avoid all this trouble. All you have to do is to install a SSL Certificate to your website!
In general, SSL Certificate are categorized into 3 types:
- – Domain Validated Certificate (DV)
- – Organization Validated Certificate (OV)
- – Extended Validated Certificates (EV)
Both of them provide data encryption, but each of them went through a different verification process for different purposes. The cheapest and least secure being the Domain Validated (DV) Certificate, followed by the Organization Validated (OV) Certificate and the most secure being the Extended Validation (EV) Certificate.
However, it is not necessary that all websites have to obtain the most secure EV Certificate, every owner may just select the appropriate certificate that suits the nature of their website. You may click here to find out how to choose the appropriate certificate for your website.
As the largest Internet service provider in South East Asia, WebNIC offers web security and SSL solutions from RapidSSL, Thawte, and GeoTrust ensuring our partners and their customers are safe browsing the World Wide Web. Click here to join us as a web-service reseller.