Chrome 68 will mark all HTTP pages as insecure in July


If you use Google's Chrome browser—or any of its Chromium-based siblings—you're probably familiar with seeing "not secure" up in your address bar next to sites that use a standard HTTP connection instead of secure HTTPS for login prompts and other forms. Over the last year, Chrome's been tightening the restrictions on what it considers to be a secure page in an attempt to push the web toward using HTTPS everywhere. Starting in July this year, Chrome will be marking any site and page that still uses HTTP as "not secure."

According to Google, having the whole web using the encrypted HTTPS protocol will make browsing safer for everyone and could also have performance benefits. It's not much of a switch; the company says that most people are already using HTTPS, seeing as the protocol accounts for over 68% of Chrome traffic originating from Windows and Android clients, as well as 78% of traffic from Chrome OS and macOS. Google also notes that 81 of the top 100 sites on the web use HTTPS by default. For our part, TR made the switch late last year.

If you're a user, you don't have to do anything. Google offers web developers who would like to transition their pages to HTTPS the latest version of its Lighthouse tool that includes mixed-content audits. The company also has extensive documentation and set-up guides for developers to peruse.

Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.