Starting September, Google Chrome will begin phasing out of the green “Secure” badge for all HTTPS sites. The latest development will not affect sites that are currently using the HTTP standard. This means that as announced previously, with version 68 in July, Chrome will begin marking all HTTP sites as “Not secure” in the address bar. Also, HTTP sites accessed under the Incognito mode will continue to show the “Not secure” label. Google says that the new move comes as it has evolved Chrome security indicators and is now aiming to show users that the Web is safe by default.
“Since we’ll soon start marking all HTTP pages as ‘not secure’, we’ll step towards removing Chrome’s positive security indicators so that the default unmarked state is secure,” said Emily Schechter, Product Manager, Chrome Security, in a blog post.
Instead of the green “Secure” label that can presently be seen upon visiting HTTPS sites, Google will show a grey lock icon at the left of the Omnibox on Chrome 69 that will be released in September. The ultimate goal, however, is the to completely remove any special indication for HTTPS sites.
With Chrome 70 that will come in October, Google will start showing the red “Not secure” warning when users enter data on HTTP pages.
“We hope these changes continue to pave the way for a Web that’s easy to use safely, by default,” concludes Schechter.
As per the data provided by Google back in February, 81 of the top 100 sites on the Web are using HTTPS by default, while more than 68 percent of the total Chrome traffic on both Android and Windows and over 78 percent of Chrome traffic on Chrome OS and macOS now flows over HTTPS.