As TLS and SSL set a new benchmark for securely browsing the internet, devices and web browsers are equally raising the bar for presenting users a safe experience. As part of this effort, Google Chrome now displays a “Not Secure” warning in the web address bar when users visit a website without a valid SSL certificate. In the current version of Google Chrome (v63), this warning will only appear when entering information into a form, or if the browser thinks you’re trying to submit any type of secure information like login names and passwords. This warning will eventually occur on any HTTP page, but no timeline has been established.
What’s the difference between HTTP and HTTPS? What is the importance of TLS and SSL?
HTTPS encrypts the communication between a web server and the browser. By browsing via HTTPS (using TLS/SSL ciphers), we can prevent interference and intrusion such as injected advertisements and stolen data like passwords or credit card numbers. Any traffic sent unencrypted can be read and even modified by anyone between you and the website.
Learn more: Why HTTPS Matters – Google Web Fundamentals
What will users see if they try and browse via an insecure HTTP connection?
At this current time, Google Chrome browsers will be prompted that their connection is insecure any time the browser thinks you’re sending or receiving sensitive information. The warning may not appear immediately when browsing to a website. For example, when trying to log in to a website over HTTP, the browser will warn the user via the address bar only after the login field has been selected.