A couple of years ago, to help encourage websites to adopt HTTPS, they started to mark websites on Chrome with “Secure” badges in the address bar (see screenshot above). This let users know if a website was using HTTPS or not, but fast forward a few years later, Google thinks that those badges are no longer needed.

Advertising

According to Google, “Users should expect that the web is safe by default, and they’ll be warned when there’s an issue. Since we’ll soon start marking all HTTP pages as ‘not secure’, we’ll step towards removing Chrome’s positive security indicators so that the default unmarked state is secure. Chrome will roll this out over time, starting by removing the ‘Secure’ wording and HTTPS scheme in September 2018 (Chrome 69).”

According to Google, they had previously refrained from using the red “not secure” badge simply because there were too many HTTP websites around, which would probably cause a bit of a panic if users kept seeing that the websites they visited were not secure. However Google now feels that there are enough HTTPS websites where HTTP websites are now the exception and the “not secure” badge can be used.

As per Google’s post, they will remove the “secure” badge starting this September in an update to Chrome, so if you are using Chrome then and don’t see the “secure” badge, you can assume that it is by default.

Filed in General. Read more about Chrome, Google and Security.

Related Articles on Ubergizmo