Google is taking another step forward to ensure all websites and digital products take security precautions. Here’s what that could mean for your website.
Earlier this year, Google’s Chrome browser began adding ‘not secure’ alert messages inside form fields for passwords and credit card numbers on payment forms. In October, the newest version of Chrome will insert ‘not secure’ alerts into HTTP pages with search or other form fields. Google says that this update will include any page with a search box, letting users know that their data is being sent over an unencrypted connection.
The change will also affect HTTP pages that are being viewed in Incognito mode. Users often (and incorrectly) assume Incognito mode is a safer way to use the Internet, so Google wants to make sure there is no confusion about whether data is securely transferred.
Chrome accounts for more than 59% of the browser market, according to NetMarket Share. With over two billion installs, any changes made to Google’s browser will impact a significant number of websites. Given this latest update, it’s possible that users may abandon non-secure sites for a more secure alternative.
This update is not the company’s only effort to improve web security: Google called for HTTPS to be used on every website back in 2014 when they noted its inclusion as an additional ranking signal in their search algorithm.
With online data hacks significantly on the rise and the HTTPS inclusion as a search signal, website owners have many compelling reasons to consider adding a security certificate to their site. Our recommendations are to:
- Confirm your site has an active SSL certificate.
- Set up redirects for all HTTP pages to HTTPS, particularly any pages with input fields.
- Check your website on October 24 to make sure you don’t see any “not secure” error messages in Chrome.
Need help keeping your site secure?