1st July 2019

Websites marked as “Not Secure” in Chrome

This article is at least 4 years old. Views, opinions, or technology mentioned may have evolved since its publication.
Person using a laptop

As of July 2018, Chrome users visiting websites that are HTTP (http:// at the start of a website address) are faced with warnings that the site is insecure. In other words, sites that don’t have HTTPS (https://) will show a “Not Secure” label when visiting the website – potentially putting people off from buying, contacting you or even browsing the site.

These changes came with the Google Chrome 68 update and apply to both internet-facing websites and private/corporate intranet sites visited using Chrome which has roughly a 60% share of the browser market.

According to SSL certificate provider, DigiCert: only 43% of the top million Alexa-ranked sites used HTTPS by default. Meanwhile, a W3Techs survey found that 35.6% of the top 10 million websites used HTTPS by default.

This update to Chrome is good news for most users, as it enhances our security when browsing websites. Without it, we risk exposing our usernames, passwords, confidential information, messages, payment information and anything else we type into a non-HTTPS site. Therefore, it’s hugely important that any website which has any forms (including contact forms) or shopping functionality needs to have an SSL certificate which forces the user to access the site through HTTPS.

Scott Helme, a security researcher, says: “The move to mark HTTP as ‘Not Secure’ is also being followed by plans to simplify the HTTPS indicators too, the two approaches go hand in hand.”

“As HTTPS becomes more and more the default, it makes no sense to keep the ‘Secure’ indicator present, the browser should only tell us when something notable happens.”, Helme said.

Many website owners whose sites are not yet secured by HTTPS believe that HTTPS is expensive because it requires an SSL/TLS certificate for which many companies charge an annual fee. However, if your website is hosted with Parrot Creative then your site will have HTTPS included for free – either through our highly secure CDN and firewall (CloudFlare), Let’s Encrypt or both for best security.

Chrome aims to eventually mark HTTP sites with a red “Not Secure” marker, so it’s crucial to start thinking about the security of your site.

Get in touch with our website fix experts if you would like your website to be a part of a faster and safer web. We can offer free advice and guidance, or make your site secure for you for a minimal fee.

Related Posts

More articles from our blog