Skip to main content

Google gets more aggressive in alerting users when web pages are not secure

google implementing aggressive policies in chrome themes header
In some cases, online security is a balance between users making good choices and systems providing the required information. Phishing attempts, for example, where fake sites grab private information by masquerading as official sites, only succeed because users are fooled into thinking they’re on legitimate pages.

One way to combat phishing is to use encryption, which verifies that a site is actually what it claims to be. One way to avoid becoming a victim of phishing, therefore, is to only enter private and sensitive information, like credit card and social security numbers, on encrypted sites. Google has been slowly implementing features in Chrome to make it clear when users aren’t on encrypted pages, and it’s getting even more aggressive in its efforts to help users stay safe.

While anyone can tell if a page is secured just by looking for the “https” header in the address bar, Chrome recently started explicitly marking HTTP pages as “Not secure” whenever they include password or credit card fields. Starting in October 2017, Google will cause Chrome to show “Not secure” in more situations, specifically when users enter any data on an HTTP page and when visiting any HTTP page in Incognito mode.


As the company puts it, “Passwords and credit cards are not the only types of data that should be private. Any type of data that users type into websites should not be accessible to others on the network, so starting in version 62 Chrome will show the ‘Not secure’ warning when users type data into HTTP sites.” Chrome 62 is due in October 2017, hence the timeline for implementing the more aggressive policies.

In addition, Chrome’s Incognito mode represents a particularly troublesome situation because it can cause people to confuse local privacy with data that’s entered on pages and submitted to sites. Incognito mode makes it harder to get on a user’s local machine and grab their data after a browsing session, but it does nothing to protect data once it’s sent from the browser to the internet. Therefore, Chrome will mark all HTTP pages as “Not secure” to ensure that users are reminded of those facts.

Google’s end game is to mark all HTTP pages in all browsing modes as “Not secure.” As the company points out, HTTPS is less expensive and less of a hassle to implement than ever before, and the sooner all sites switch over to HTTPS, the better for everyone. Perhaps by pointing out more sites as insecure, Google can essentially shame a few more sites into making the transition — along with providing the information users need to take their own steps in becoming more secure in their browsing practices.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
5 easy ways to dramatically increase security in Google Chrome
A MacBook with Google Chrome loaded.

If you're one of many people who use Chrome as your default web browser, then you might want to take some steps to ensure that it's extra secure. This can help you in a world where hackers are always after passwords and can easily spoof websites to look like the real thing.

Well, Google has a lot of tools built right into Chrome that can help with that protection. From Safe Browsing to encrypting passwords and more, we got you covered with five easy ways to dramatically increase security in Google Chrome.
Change your Safe Browsing settings

Read more
Google Lens is getting Chrome integration to help you find out-of-stock products
Google Lens shopping integration.

Google announced at its Search On event on Wednesday that it's bringing the smartphone functionality of its Google Lens to the desktop version of Chrome. Lens is an app that helps identify objects, and it's installed by default in many Android phones.

At some point in "the coming months," Chrome will receive an update to incorporate Lens-style searching into Chrome. Instead of the old highlight, then right-click, then "search Google for" three-step process, you can search a webpage directly with Lens.

Read more
Update Google Chrome now to patch this critical security flaw
A MacBook with Google Chrome loaded.

You might want to update your Google Chrome web browser right away. Google recently issued a critical security update for Chrome, patching up 11 security issues, including two zero-day vulnerabilities that were exploited in the wild.

Released on September 13, Google first listed the patched vulnerabilities on the Chrome Releases blog. Full details are being withheld for security reasons, as Google wants a majority of users to update first.

Read more