Google just announced that from starting July it will mark all HTTP sites as ‘not secure’ with an aim to offer secure browsing. Starting with Chrome 68, the search engine giant will show all the non-HTTPS sites as not secure for browsing.
This isn’t surprising since Google already shows the HTTP sites with text fields as insecure when you enter any information. The company also says that over 68% of Chrome traffic on both Android and Windows, over 78% Chrome traffic on both Chrome OS and Mac and 81 of the top 100 sites on the web use HTTPS by default and are now protected.
For years HTTPS was regarded as a requirement for sites handling critical information, like bank portals. But since the last couple of years, regular sites gaining traction with HTTPS thanks to the availability of free SSL/TLS certificates and even browsers started encouraging the shift.
Google said that Chrome is dedicated to making it easy to setup HTTP sites to migrate to HTTPS. The Mixed content audits are now available to help developers migrate their sites to HTTPS in the latest Node CLI version of Lighthouse which is an automated tool for improving web pages. The lighthouse audit will help developers to find which resources a site loads using HTTP, and which of those are ready to be upgraded to HTTPS simply by changing the subresource reference to the HTTPS version.
Google believes that HTTPS is easier and cheaper than ever before, and it boots both performance improvements and powerful new features that are too sensitive for HTTP.
Before you ask, we have been testing HTTPS implementation on fonearena.com, which should roll out in a couple of months.