August 30th, 2017 by Shawn Kerr
Google Search Console is sending email notifications to its users about near-term and longer-term changes coming to Chrome, Google’s web browser. Starting in October, Google Chrome users will see a “NOT SECURE” notification on any data entry forms found on HTTP website pages. This change is yet another signal from Google to get websites to migrate to HTTPS protocol for secure data transfer transfer. It follows a previous Chrome update (version 56) that added this “not secure” notification to any non-secure sign-in that has a password or any form with a credit card entry field.
What Is HTTPS?
If you’re not familiar with the “https” prefix used for certified secure websites, I recommend you read my post “Managed SSL Hosting: Keep Google Happy & Website Secure with HTTPS” before going any further.
Why Does Google Want Websites to Migrate to HTTPS?
In short, Google recognizes that the need for increased internet security is growing rapidly. The data transfer encryption of SSL-certified HTTPS websites isn’t new – it’s just more important to Google (and all internet users) than it has been in the past.
How Will This Chrome Update Notify Users of Website Security Issues?
The Google Search Console’s emailed description of the update is fairly vague:
“Starting October 2017, Chrome (version 62) will show a “NOT SECURE” warning when users enter text in a form on an HTTP page, and for all HTTP pages in Incognito mode.
“The following URLs on your site include text input fields (such as < input type=”text” > or < input type=”email” >) that will trigger the new Chrome warning.”
The “Not secure” warning will appear on Chrome’s website address bar, highlighted in the image below:
In the default Standard mode, used by most Chrome users, the “Not secure” notice will appear when a user attempts to type into any text entry field on a non-HTTPS page. In the privacy protected Incognito mode, the “Not secure” notice will appear when arriving on a non-HTTPS page:
How Might a Non-HTTPS Business Website Be Affected?
As reported in the Chromium blog post about the previous change in Chrome 56 to show this notice on website with password or credit card forms:
“…there has been a 23% reduction in the fraction of navigations to HTTP pages with password or credit card forms…”
With this upcoming update, users will see the notice if you have something as simple as an email subscription form on your website and that could cost your website visits that might otherwise covert.
To drive home this incentive from Google, the Chromium blog post closes with:
“Eventually, we plan to show the “Not secure” warning for all HTTP pages, even outside Incognito mode. We will publish updates as we approach future releases, but don’t wait to get started moving to HTTPS!”
This is a very clear message from Google: migrate to HTTPS.
Don’t Have an HTTPS Website…or Google Search Console?
InsideOut Solutions hosting clients can migrate to HTTPS with premier Secure Sockets Layer certification (SSL hosting). Doing so will put you ahead of this pending update to Google Chrome.
InsideOut Solutions hosting clients may have their Google account user added as an Owner of their website’s Google Search Console at no charge and training is available as a consultation service.
Contact us today to discuss your needs.