Upcoming changes in web security standards for Chrome
As announced in September, Chrome will soon mark non-secure pages containing password and credit card input fields as Not Secure in the URL bar. Warnings will be enabled by default for everyone in Chrome 56, slated for release in January 2017.
What does this mean?
HTTP is used for network communication between the server where your website is hosted and the visitors' browsers. When HTTP is being used, data transmitted during the communication is unprotected and can be intercepted or modified.
HTTPS provides an encrypted connection that gives protection to the privacy and integrity of the data exchanged between the browser and the server. This is a great way of protecting your websites that have login forms asking for personal data (usernames, passwords, addresses, credit cards, bank details, etc).
What are the consequences?
If your website has login forms, but doesn’t use HTTPS, visitors' browsers will display the "Not secure" message, meaning that the connection is not encrypted. In the beginning, the warning message will be displayed in Google Chrome right in front of the address bar.
Eventually, Chrome will show a Not Secure warning for all pages served over HTTP, regardless of whether or not the page contains sensitive input fields. Even if you adopt one of the more targeted resolutions above, you should plan to migrate your site to use HTTPS for all pages.
We advise you to migrate as soon as possible to HTTPS. Your website will be better protected and your users will know for sure that their personal data can't be used illegally. Contact us now to set up an appointment and to find out if your website is prepared.