Google Chrome To Flag Sites Without SSL Certificates and HTTPS as Insecure
Over the course of the last two years, rumors have swirled over Google’s position concerning forcing the move to HTTPS encryption.
Last year, Google began officially warning website owners that non HTTPS sites would incur consumer messaging that identified the site as non-secure.
Google SSL policy
Google says SSL Certificates on Your Website Are Required
The exact “when’ and the “how,” however, have eluded site owners up until today.
On February 8th, Google made clear its intentions to formally mark websites lacking SSL Certificates (the certificate which once installed on the website results in an HTTPS secure URL string) as insecure.
Google has confirmed a date of “early July 2018” as the start date. They have also disclosed how they will alert web surfers of the non-HTTPS status, or not secure.
Sites that remain on the HTTP non-secure protocol will be flagged with a warning in the URL bar of the surfer’s browser.
The non-secure flag will be built into the release of Chrome 68, which will be ready for download in early July.
What Is An SSL Certificate?
An SSL certificate is a security certificate that once installed on a web server activates a secure connection between the browser the surfer is viewing the content on and the web server that the content is derived from initially.
The website’s URL protocol will change from HTTP to HTTPS. Currently, a security padlock will also be present in the URL as a way to further signal the status of the website’s Google SSL certificate.
SSL certificates help the web cut down on instances of cybercrime that are often performed through security loopholes in web browsers.
If the connection between the surfer’s web browser and web server are not secure through an SSL connection, a moderately skilled hacker could seize information, such as credit card numbers, as it is being typed into a form on an unsecured website.
Why are Google SSL Requirements Important?
- Establishes Trust and Builds Brand Power
- Provides Encryption of Sensitive Information
- Provides Authentication