Starting later this year, Chrome will change how it flags unsecured websites to users, Google announced in a blog post on Thursday. With the release of Chrome 68 in July, Google will mark all HTTP websites as ‘not secure’ using a newly designed address bar (seen below).
Chrome currently indicates HTTPS-encrypted sites with a green lock icon located next to the address bar. Additionally, the word ‘secure’ appears next to the icon.
This is not the first time Google has gone out of its way to steer web users away from unencrypted websites.
In 2015, the company changed its Search algorithm to downrank unencrypted sites. Around the same time, Chrome added a notification that would warn users against entering their login credentials into any website without encryption.
The decision comes following a year of “incredible” progress, says Emily Schechter, a product manager with the Chrome Security.
According to the Schechter, over 68 percent of Chrome traffic on both Android and Windows is currently HTTPS encrypted. Similarly, more than 78 percent of Chrome traffic on Chrome OS and macOS is now protected.
HTTPS helps protect web users by preventing man-in-the-middle attacks. Without the protection of HTTPS or something similar, a malicious hacker can capture data while it’s in transit between the user and a web server.