Google to soon mark all HTTP sites as non-secure

10 Feb 2018

Search engine giant Google yesterday said that it will soon mark all HTTP sites as non-secure, Chrome security product manager Emily Schechter said in a blog post for the company.

The move is aimed at encouraging websites to adopt HTTPS encryption. The Hyper Text Transfer Protocol Secure (HTTPS), the secure version of HTTP, secures data sent between the user's browser and the website that they are connected to. According to the blog post, the 'not secure' tag for the HTTP websites would be rolled out from July 2018, the same month when Chrome 68 is expected to make its debut.

According to the company, the transition from HTTP to HTTPS helped protect over 68 per cent of Chrome traffic on Android and Windows last year. The search giant revealed that more than 78 per cent of Chrome traffic is now protected on Chrome OS and Mac.

''Chrome is dedicated to making it as easy as possible to set up HTTPS. Mixed content audits are now available to help developers migrate their sites to HTTPS in the latest Node CLI version of Lighthouse, an automated tool for improving web pages,'' the Google blog post read.

According to Google, 81 of the top 100 sites on the web now use HTTPS by default. Google added that over 68 per cent of Chrome traffic on both Android and Windows and more than 78 percent of Chrome traffic on Chrome OS and macOS now flows over HTTPS.

In addition to leveraging Chrome's dominant position in the browser market to encourage the switch to HTTPS, Google has been working on other fronts too. Also in addition to using HTTPS as a ranking signal, the search giant started indexing HTTPS pages by default in December 2015.