Affiliate Disclosure: By buying the products we recommend, you help keep the lights on at MakeUseOf. Read more.
With well over half of all websites now encrypted, it’s time to think of HTTPS as the default option rather than the exception. That is, at least, according to Google, which is changing the way Chrome handles secure vs. non-secure web pages. And about time too.
Over the last year there has been a push to switch all websites to use HTTPS (Hyper Text Transfer Protocol Secure). Google has been especially keen for sites to make the switch, and with more sites complying, it’s time to change the way we view the web.
Switching From HTTP to HTTPS
At the moment, sites that aren’t secure don’t have any special labels attached. As far as Chrome is concerned they’re considered the standard. On the flipside, sites which have HTTPS switched on get a green “Secure” label with a lock symbol attached.
However, this is all set to change over the next few months. As outlined on the Chromium Blog, with the release of Chrome 69 in September, the “Secure” label will disappear. And then at some point in the future, Google will remove the lock symbol as well.
Since HTTPS should be the default, Chrome will remove the "Secure" indicator for HTTPS sites. It's the new default. Insecure sites (HTTP) will be called out. https://t.co/JW6Bms0APV pic.twitter.com/kXq7x7FAsk
— /dev/eloper (@mattiasgeniar) May 18, 2018
In addition to this, with the release of Chrome 70 in October, standard HTTP pages will be labelled with a “Not Secure” warning with a red triangle attached. In other words, Google is turning everything on its head and labelling HTTP rather than HTTPS.
Google’s reasoning for making this change is that “users should expect that the web is safe by default”. So, rather than having HTTP as the standard to be expected and HTTPS as a rare beast to be celebrated, HTTPS becomes the standard and HTTP is vilified.
Google Ups the HTTPS Ante
This actually makes a lot of sense. Thanks to companies such as Google, more of the web is now encrypted, which means that’s the default. Unfortunately for sites which still haven’t made the switch from HTTP to HTTPS this just piles the pressure on.
It’s shocking it has taken this long for most of the web to switch to HTTPS. We were explaining what HTTPS means back in 2011, and it has taken seven years to get to this point. Still that was before we understood quite how much we’re all being surveilled.
Image Credit: Stephen Shankland/Flickr