To help web users browse websites more safely, Google Chrome displays a lock icon in the address bar to indicate a website secured by an SSL Certificate ( HTTPS ).
Google Chrome had not shown HTTP connections as non-secure until January 2017; This is when Google started to push updates to their chrome browser to better indicated to their users if a website is secure or not.
If a web page collects passwords or credit cards via a non-secure connection a Non Secure label will be shown in the users address bar.
HTTP pages will be marked with "Not Secure" in the URL bar under the following conditions:
- The user is browsing in Chrome incognito mode.
- The page contains a password field.
- The user interacts with any input field.
According to the Chrome Security Team, after the release of Chrome 56, there has been a 23% cutback in the navigation of HTTP websites that has credit card or password fields. However, these are not the only two things that require protection. Therefore, all web pages that require user input should be private and secure.
The goal of the changes made by Google is to more clearly display to users that HTTP provides no data security. With data security not present, the user interface should display a notice, so users can make informed decisions about how to interact with the website
Fix the Google Chrome Not secure warning
To make sure "Not Secure" warnings are not shown to your users when visiting your website, you must ensure all pages that contain an input field are presented only on a secure origin/URL.
All content should be loaded via HTTPS and the page should not contain any forms embedded in an in-secure HTTP iframe.
Google's plan is to eventually show all pages served over HTTP as Not Secure, thus it is a good idea to plan to move your whole site to be served over HTTPS.
To server your website over HTTPS you will need to purchase an SSL Certificate. Once the SSL Certificate is issued to you, and installed on your server/website, you can then begin to load your website via HTTPS by visiting https:// www.yourdomain.com.
With your website loading over HTTPS and all content loaded via HTTPS including images, JS files and CSS files, your users will see the secure icon and no more warnings.
You can Purchase an SSL Certificate today by visiting the SSLTrust online store here.
If you need assistance in selecting the right SSL from your website and also to get help with the installation please contact one of our sales team members here.
To read more about why you should use HTTPS and secure you website please visit this guide from google: Why HTTPS Matters