Back in April 2017, Google published a blog post announcing some big changes designed to move websites toward improved security standards. You’re probably familiar with their existing measures which include showing big, full page warnings when visiting a page collecting credit card information that is not secure. Here’s how Google describes the next step in this process.
“Starting October 2017, Chrome (version 62) will show a “NOT SECURE” warning when users enter text in a form on an HTTP page, and for all HTTP pages in Incognito mode.”
This is all part of Google’s larger plan to label all HTTP sites as non-secure by requiring them to have valid SSL certificates (the security protocols that allow a website to create a secure, encrypted connection which it then uses to transmit data). Consequently, if your site doesn’t have an SSL cert by the time Google rolls out these changes in October, it could trigger the new browser warning:
Based on the feedback from readers via the SLL certificate survey from earlier in the week, all the respondents currently have a SSL certificate installed to cover everything from processing credit card payments to securely connecting with a CRM provider. One respondent even indicated they have a SSL cert installed simply because Google recommends it (kudos to you guys!).
I published an article about this topic at ArtsHacker.com which goes into much more detail regarding the exact conditions that trigger Google’s new “not secure” warnings. It also explains how you can verify if your site is currently running a SSL certificate, how to go about obtaining one, and the additional benefits having one provides beyond improved security.