Google to mark all HTTP sites as ‘not secure’: HTTPS encryption explained
Today in New Delhi, India
Jan 19, 2019-Saturday
New Delhi
  • Humidity
  • Wind

Google to mark all HTTP sites as ‘not secure’: HTTPS encryption explained

If your website is still not using HTTPS encryption, you need to act soon.

tech Updated: Feb 09, 2018 12:03 IST
Kul Bhushan
Kul Bhushan
Hindustan Times
Google Chrome 68,Google Chrome HTTP,Google Chrome HTTPS
What is HTTPS encryption and why it’s critical(REUTERS)

Google will soon flag websites without HTTPS encryption as “not secure”. The new change will be part of Google’s next update to Chrome Browser version 68, scheduled to release in July this year.

The warning notification will appear next to the address bar. All websites with HTTPS encryption on Google Chrome browser come with a green lock icon with a “secure” notification next to their URL.

What is HTTPS and why it’s critical

HTTPS is a more secure version of the former protocol known as Hypertext Transfer Protocol (HTTP). The encryption is based on the Transport Layer Security (TLS), which itself is the successor to older protocol called SSL, which stands for Secure Sockets Layer.

TLS is now a standard technology for keeping any internet connection safe and secure from any third-party trying to get the access. The technology uses advanced encryption algorithms to ensure the data transmitted between the browser and website cannot be read by anyone else.

In simpler words, HTTPs ensures that the communication thread between your browser and the website you’re surfing cannot be breached by anyone else.

Without this encryption, it is possible for hackers to access your router to track information shared between the user and websites. Without an encryption in place, hackers can also sneak malicious wares or gain access to users’ personal data. Most of the websites, especially those handling critical information such as banks, have this encryption in place.

Google Chrome omnibox will display “Not secure” for all HTTP pages. (Google)

Google’s war on non-HTTPS websites

Google has been purging non-HTTPS-enabled websites for a very long time. Back in 2015, the company announced downranking all such websites from its search results.

An example of how a secure connection with HTTPS encryption looks like. (HT)

The next year, Google rolled out a change to its Chrome browser which marked all HTTP login pages as “not secure” with an elaborate warning, “Your connection to this site is not secure. You should not enter any sensitive information on this site (for example, passwords or credit cards) because it could be stolen by attackers”.

The warning follows with a link redirecting to Google’s support page on how to determine if a website’s connection is secure. Google, in its latest blog post, says that developers have already been transitioning their websites to HTTPS.

Since last year, more than 68% of Chrome traffic on both Android and Windows is now protected, Google said. Also, 81 of the top 100 websites on the web use HTTPS by default whereas over 78% of Chrome traffic on Chrome OS and Mac is now protected.

First Published: Feb 09, 2018 12:01 IST