Sites With Forms Will Need SSL for "Secure" Label in Chrome

In April of this year Google announced a new security feature in which all HTTP website pages will be labeled “not secure” in the newest Chrome browser (version 62) when a user begins to enter information into a form on that site. With implementation of this change scheduled to begin in October, Google sent out emails last week via Search Console accounts that notified site owners with applicable pages.

This change is the second phase of Google’s ultimate goal to mark all HTTP sites as non-secure and encourage website owners to move to HTTPS. Phase one, which included marking HTTP sites collecting password and/or credit card information as not secure, was implemented in January with Chrome 56. However, Google feels that “passwords and credit cards are not the only types of data that should be private.”

In addition to marking HTTP pages as not secure when a user enters data in a form, all HTTP pages will be marked as such when a user visits in Incognito mode. When using this type of private browsing, Google believes users “likely have increased expectations of privacy” and therefore should be notified of sites they are viewing that don’t have an SSL certificate in place.

http non secure

While using an SSL is considered standard for websites taking credit cards, many site owners who aren’t processing transactions have reservations about switching to HTTPS. In this talk from the 2016 Progressive Web App Summit, Product Manager for Chrome Security, Emily Schechter, debunks these common myths, including that SSL certificates are costly and switching from HTTP to HTTPS will negatively affect your search engine rankings.

If cost is a concern, Google suggests two cost-effective places to obtain an SSL certificate: SSLMate, which offers a standard certificate for one hostname at $15.95/year, and Let’s Encrypt, a project that provides free certificates for the public’s benefit.

For site owners worried about search engine rankings, it’s true that changing to HTTPS may initially lower a site’s rankings, due to the fact that having two versions of a site is a negative ranking signal. However, by following best practices for site moves, rankings should recover quickly and may even see a small boost, as HTTPS is a positive ranking signal in Google.

As with everything Google does, these changes are a part of their effort to continually improve on the user experience. Because users today expect a high level of privacy when browsing the web, it makes sense to push site owners towards the use of an SSL certificate. Overall, switching from HTTP to HTTPS should not have any detrimental effects on a website, and ultimately visitors will feel safer providing personal information.

If you need help securing your website, or have questions about moving to HTTPS, fill out our Get Started form or give us a call at 501-537-2246.

Contact Us

Interested in a free consultation? Fill out our Get Started form…

Go for it!

Or, give us a call...

Drop in and say hi...
2222 Cottondale Ln, Suite 100
Little Rock, AR 72202

Pixel Perfect Creative | 501.537.2246 | info@pixelperfectcreative.com