Home » News » Google moves closer to encrypted web

Google moves closer to encrypted web

Friday, 1 June, 2018

As part of Google’s ongoing strategy for an encrypted web, Chrome will now mark all HTTP pages that do not display the green secure lock with a red ‘Not Secure’ warning.

As far back as 2014 Google had proposed that Chrome would initially mark only HTTP pages requesting passwords or financial details as ‘Not Secure’, but promised to eventually mark all unencrypted pages in the same manner.

Four years later, more than 93% of the traffic using Google resources employed an encrypted connection. This is in comparison to just 50% in 2014.

Just three years ago around 40% of the loaded pages were using HTTPs. With around 75% of pages loaded via Chrome now served by HTTPS, Google has its eye on complete elimination of unencrypted connections.

For the past several years, we’ve moved towards a more secure web by strongly advocating that sites adopt HTTP encryption. And within the last year, we’ve helped users to understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as ‘not secure.’

Previously, HTTP usage was too high to mark all HTTP pages with a strong red warning but in October 2018 (Chrome 70), we’ll start showing the red ‘not secure’ warning when users enter data on HTTP pages.

Users should expect that the web is safe by default, and they’ll be warned when there’s an issue. Since we’ll soon start marking all HTTP pages as ‘not secure’, we’ll step towards removing Chrome’s positive security indicators so that the default unmarked state is secure.

We hope these changes continue to pave the way for a web that’s easy to use safely, by default. HTTP is cheaper and easier than ever before, and unlocks powerful capabilities, so don’t wait to migrate to HTTPs.

- Emily Schechter: Product Manager, Chrome Security

The latest announcements are part of Google’s push for more webmasters to adopt HTTPs as a secure encryption standard for data in transit.

This means any data from your computer to a website is transmitted securely and is protected from attackers.

HTTP wraps a secure tunnel around a site and its user while the encryption also serves to ensure the content hasn’t been modified by any attacker.

Google is not the only internet company to push for the adoption of HTTPs. WordPress started offering free HTTPs to all hosted websites, while Amazon is offering free security certificates to AWS customers.

Tim Bamford author picture

By:

Tim is a veteran freelance journalist writing extensively on internet news and cybersecurity.

News What's the story?

Keep up with the latest developments in UK broadband.

The biggest malware threats of 2020…so far

It’s been a year few of us will forget in a hurry, and we're only halfway through.

The biggest malware threats of 2020…so farThe biggest malware threats of 2020…so far Read more

Instagram could become the main news source for young people.

Reuters finds changes in the way younger users consume the news.

Read more

BT launches second line service

BT launches second broadband home line service for the new crop of home workers.

Read more

Best broadband areas for online gaming in the UK.

Read more

Help Learn with us

Make the most of the internet with our broadband library.

How to check if your broadband is down

It might seem obvious that an outage has occurred, but there are easy ways to check if your broadband is down, or whether the problem is more localised

How to check if your broadband is downHow to check if your broadband is down Read more

A guide to Big Tech alternatives.

It seems like we’re reliant on a small group of companies, are there alternatives?

Read more

Quick tips for boosting home broadband speed

Boosting speed can transform activities like streaming, gaming and accessing cloud storage

Read more

What’s the difference between hardware, firmware and software?

Read more