From today, Google Chrome starts marking all non-HTTPS sites 'Not Secure'

Starting today with the release of Chrome 68, Google Chrome prominently marks all non-HTTPS websites as 'Not Secure' in its years-long effort to make the web a more secure place for Internet users.

So if you are still running an insecure HTTP (Hypertext Transfer Protocol) website, many of your visitors might already be greeted with a 'Not Secure' message on their Google Chrome browser warning them that they can't trust your website to be secure.

By displaying 'Not Secure,' Google Chrome means that your connection is not secure because there is no SSL Certificate to encrypt your connection between your computer and the website's server.
So, anything sent over a non-HTTPS connection is in plain text, like your password or payment card information, allowing attackers to snoop or tamper with your data.

The non-https connection has been considered dangerous particularly for web pages that transfer sensitive information—like login pages and payment forms—as it could allow a man-in-the-middle attacker to intercept passwords, login session, cookies and credit card details as they travel across the network.

Timeline of Not Secure Warning on Google Chrome.

This significant transition has not occurred overnight, Google intentionally processed it slowly over the period of a few years to give website admins enough time to move their sites over to a secure connection.

Initial Stage - Starting with the release of Chrome 56 in January 2017, Google began its mission to make the web a more secure place by displaying 'Not Secure' warning in the address bar for those HTTP websites that collect passwords and credit card information on their customers.

Transitional Stage - Later in October 2017 with the release of Google Chrome 62, the web browser started labelling all those websites as 'Not Secure' which had any kind of text input fields to enter data over an insecure HTTP site as well as on all HTTP pages visited in Incognito mode, where users may have higher expectations of privacy.

Final Stage - Today, 24th July 2018, Google has released Chrome 68, giving the entire web a push towards secure and encrypted HTTPS connections by marking all websites that do not use the secure HTTPS encryption as 'Not Secure,' even if they don't handle sensitive data, communications, or information.

What Next? Move Your Site to HTTPS

According to Google's transparency report, 75 percent of websites visited in Google Chrome on Windows is using HTTPS, and 81 out of the top 100 sites on the Internet today use HTTPS by default.

6 Reasons Why You Should Enable HTTPS On Your Website

HTTPS improves Google rankings and SEO
HTTPS improves website security and privacy
HTTPS increases credibility and improves customer confidence
HTTPS improves website speed, as HTTP2 is faster than HTTP
HTTPS makes surfing over public Wi-Fi safer
HTTPS is now free!

Adopting HTTPS is the perfect choice for you and everyone who visits your site.

If you do not yet have SSL implemented yet, your website with the Not Secure warning is going to scare your visitors.

Today, installing an SSL certificate and enabling HTTPS on a website is neither expensive nor a tough task. You can merely use automated services like CloudFlare or Let's Encrypt that allow anyone to obtain free SSL certificates for their web servers.

Google has also published a technical tutorial on how to migrate a website to HTTPS.

Besides this, with the release of Google Chrome 69 in September this year, the company is also planning to remove the "Secure" label on HTTPS web pages, giving users the idea that the web is a safe place by default.



  1. An SSL certification is something that every company need to carry their web site, particularly after Google focused on websites Free SSL Certificates for better search engine rankings. SSL, which means Secure Socket Layer, is an encryption innovation utilized to create a secure link in between a web server as well as a customer's internet browser.

  2. The blog is good enough, keep up writing such type of posts.
    web companies

  3. Engineers have constantly had information, what has actually altered is just how we share it. We usually resist process changes with eagerness. While we have actually taken on the ever-improving world of computer-aided design, presumably that the one lingering hold-over from engineering past is that of the 2D illustration.2d design

  4. These are truly amongst the wonderful informative blogs.
    web design agency

  5. They offered a fresh perspective to top web designer guide our project

  6. For the excellent company Begin with the internet site, the customer service over the cell phone, to the detailed care they deliver in your presence
    leather jacket

  7. Outstanding blog, in my opinion site owners should acquire a great deal out of this blog its very user welcoming.
    on page seo

  8. You have touched good quality points here. In whatever way continue writing.
    curated links

  9. They were able to stick to the timeline and stay under budget while delivering a high-quality product.
    brand development agency