For some time, Google is working to ensure the safety of the user, while browsing the web. Since version 56, Google added the “Secure” tags for sites that use the HTTPS protocol and “Not secure” for those using HTTP, to force developers to implement the secure protocol, now the company has announced that it will mark the unencrypted sites as “Not Secure” automatically.
As explained by Google in their blog, from version 68 of Chrome, you will see a new notification of “Not Secure” in the address bar, when you access pages without encryption, that is to say, that they maintain the HTTP protocol.
Announced for the first time in February, Chrome’s design change is the latest move in multiple pushes from Google to get more encryption on the web.
Remember that HTTPS is a form of web encryption that ensures the connection between the user and the sites you visit. Websites and ad networks served without encryption are vulnerable to the injection of malware, a common tactic for low-level cybercriminals.
When you enter an HTTP website, your connection to the site is not encrypted. This means that anyone on the network can look at the information that comes and goes, or even modify the content of the site before it reaches you.
As of September, Google will begin to remove the insurance tag from the HTTPS sites and will only leave the label of Not Secure when it is an HTTP site, and in October with Chrome 70, users will see the word Not Secure in red, when they try to enter data in an HTTP page.
HTTPS certificates and protocols are widely available, and often for free, either through content distribution networks such as Cloudflare or public service projects such as Let’s Encrypt.