Google Chrome Will Mark Non-HTTPS Sites as “Not Secure” From July 2018

Google has been pushing for a “secure by default” online world for some time now, and this is one of the more aggressive pushes to ensure more websites are secure.

Come July 2018, Google will flag any website that is only HTTP and not HTTPS as insecure by displaying “Not Secure” within the browser itself.

Why is Google doing this now?

More sites have become secure over the past few years, after warming to the idea and seeing the benefits. Everything takes time, after all. However, Google clearly believes now is a good time to get the remaining people aboard the HTTPS train.

Google explains it this way on its blog:

For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.

How many sites are currently secured?

Google raised a number of statistics to give an idea how many sites are secured:

  • Over 68% of Chrome traffic on both Android and Windows is now protected
  • Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
  • 81 of the top 100 sites on the web use HTTPS by default

What are the benefits of HTTPS?

HTTPS is now much cheaper and simpler to implement than ever before.

Benefits include:

  • Performance improvements
  • New features too sensitive for HTTP
  • Ranking benefits
  • Browser labels
  • Increased conversions
  • Improved customer confidence

So overall, if you haven’t already made the switch, now is the time to switch to HTTPS. And if not now, definitely before July 2018.