Is your website considered “secure” by Google? It might not be if you don’t take certain steps within the next couple of months.
In October, Google’s Chrome browser will start showing “Not secure” warnings more frequently on websites that have not yet made the transition from HTTP domains to HTTPS domains. HTTPS stands for Hypertext Transfer Protocol Secure and is the industry’s standard for encrypting data in transit for websites. The warning will appear under two specific circumstances when viewing a website with Chrome:
When someone visits an HTTP website and starts inputting data on the site, such as in a contact form, comment form, search box, etc.
When they visit an HTTP website in Incognito (private viewing) mode
When these circumstances are met, the visitor will see a “Not secure” warning in the address bar. This message may cause potential customers to think twice before reaching out to you through your website—and that could lead to lost business.
In April, Google announced the update would occur in October as part of the release of Chrome version 62. Google recently sent a reminder to webmasters about the upcoming launch to help ensure they’re ready.
If you are a current Scorpion client, you don’t have to worry about converting your site to HTTPS because we’ll automatically do it for you at no charge! We will obtain a Secure Sockets Layer (SSL) Certificate for your site on your behalf, so you don’t have to do a thing. Scorpion has been preparing for the Chrome 62 update for months and is ready to assist you.
How the Warning Labels Work
The “Not secure” label appears directly to the left of the web address, as shown below.
If someone is visiting an HTTP website and types into a search or form field, the warning will show up right when the typing begins. The warning is even more prominent when someone is visiting the site in Incognito mode, as it will appear as soon as the page is loaded and remain for the entirety of the visit.
In January, Google started using “Not secure” labels only for HTTP pages that collected passwords or credit card information. Upon the launch of Chrome 62, this will be significantly expanded to additional pages, and Google notes that it will one day show on all HTTP pages.
Here’s the logic behind the stricter security standards: Even though a user may not be entering personal information such as credit card information or an address, Google considers that this may still be information that needs to be kept private. As a result, it checks to see if the site uses the highest security protocol (even in Incognito mode) and then warns the user if it doesn’t. The problem is your website may be labeled “Not secure” even if there are no real security issues. This is why it’s best to convert your website to HTTPS ahead of time and avoid the problem altogether.
How Can I Tell If My Website Is Secure?
The easiest and fastest way is to load your website in a separate tab, window, or device. If you see “http” preceding your domain name (or just your domain name without any recognition of “http”), you have a standard website without an SSL Certificate active on your domain. In order to be considered fully secure, your domain should begin with “https” with some browsers including a unique lock symbol or the word “Secure” next to the web address.
How Does It Affect My Website?
It’s important to note this update will only apply to people who are using Google Chrome as their website browser. (Chrome currently claims nearly 60% of desktop browser market share.) Other major browsers such as Mozilla Firefox, Microsoft Edge, and Opera have not yet announced anything similar. While some web visitors may not even notice the “Not secure” warning in Chrome, it may cause others to distrust your website and take their business elsewhere.
Previously, having an HTTPS domain was a great additional security precaution, but it was not considered essential to successful website marketing. Now with the new Chrome update, it could play a critical role in making or breaking a site visitor’s trust. As a result, we encourage all businesses to switch over to HTTPS domains.
What Should I Do to Prepare for Chrome 62?
If you want to avoid having a “Not secure” label appear on your website, the best thing to do is take immediate action to obtain an SSL Certificate for your site. However, if you are an existing client, your Scorpion team is already handling it for you—so there’s no need to spend money out of your own pocket on an SSL certificate. We’re here to help ensure your website meets the latest security standards set by Google.
Want to know what else Scorpion does to helps brands and businesses succeed online? Learn more.
About the Author
Jesse Reinhart is Director of IT at Scorpion. With more than 15 years of experience in the industry, he manages the company’s technology infrastructure and ensures clients’ websites are kept fully secure and functional. Outside of work, Jesse enjoys playing soccer, traveling, and spending time with his family.