Home / Google Expands Use of Not Secure Warning in Chrome

Google Expands Use of Not Secure Warning in Chrome

If you have forms, login fields or other input sections on HTTP pages, Chrome will start marking them “Not secure.” Fix the problem before you’re marked!

If you have forms, login fields, or other information input sections on your HTTP site, keep reading. Chrome will start marking these pages as “Not secure” in October 2017.

On August 17, Google sent an email to sites with forms/input fields on unsecured web pages notifying them of what’s to come. This news isn’t necessarily groundbreaking, as Google started this initiative as early as January when they began marking HTTP pages as “Not secure” if they had password or credit card fields.

In their notification via Google Search Console, Google wrote, “Beginning in October 2017, Chrome will show a ‘Not secure’ warning in two additional situations: when users enter data on an HTTP page, and on all HTTP pages visited in Incognito mode…The new warning is part of a long term plan to mark all pages served over HTTP as ‘Not secure.'”

To fix the problem and avoid being marked as “not secure,” Google advised site owners to migrate to HTTPS.

Why is Google expanding the scope of “Not secure” warnings? Security has always been an important issue for Google and the search engine gives HTTPS sites a slight boost in search results.

“Passwords and credit cards are not the only types of data that should be private,” writes Emily Schechter of the Chrome Security Team. “Any type of data that users type into websites should not be accessible to others on the network, so starting in version 62 Chrome will show the ‘Not secure’ warning when users type data into HTTP sites.”

Here’s an example of how a user’s address bar will change when they start filling out a form on an HTTP site:

URL with "Not Secure" warning

Sites that refuse to increase their security could miss out on over half of the web browsing population. After all, would you proceed to a site and provide any information, personal or not, if your browser warned you it wasn’t secure? Chrome currently holds about 47% of desktop browser market share and 51% of mobile browser market share, reports NetMarketShare. There’s a good chance at least half of your customers use Chrome as their primary browser.

If your site collects any sort of sensitive information and is not on HTTPS hosting, it’s time to make a change.

In the short term, start by securing pages on your site that request sensitive information. Long term? Use HTTPS everywhere. According to Google’s Developer Blog, Chrome will eventually show a ‘Not secure’ warning for all pages served over HTTP, regardless of whether or not they contain sensitive input fields. If you’re not sure where to begin, GPO can help with a step-by-step guide for transitioning your site to HTTPS.

side view of person in yellow long sleeve typing on laptop in front of paned window

The Dos and Don’ts of Incorporating AI into Your Content Workflow

  • AI

Don’t just jump into the deep end of the gen AI pool! Check out our dos and don’ts for efficient incorporation.

Read more
view from below of hands holding onto rope while climbing up side of mountain

How Climbing Makes Me a Better Writer

  • Company News

Work-life balance is important, but sometimes life leaks into work. Here’s how a climbing hobby makes Kelsey Conner a better writer.

Read more
scenic view on a hiking trail in colorado with hills and trees

What We Learned from the 2024 GPO Walking Challenge

  • Company News

We just wrapped up the 2024 GPO Walking Challenge. Here’s what we learned.

Read more
Subscribe to our newsletter
Privacy Policy
  |  Copyright © 2024 GPO