Google's Plan For Chrome To Clamp Down On Unsecured HTTP Connections Starts In January 2017

Image: Google

Google's inexorable march towards "a more secure web" continues, with the internet giant recently posting an update regarding the next steps it will take with Chrome to flag "non-secure" websites. 2017 looks like the year things will get serious, with sites featuring data-sensitive form fields and no HTTPS support in the crosshairs.

The start of 2017 will mark the first of many changes to Chrome that will "eventually" classify HTTPS-less sites as "non-secure" regardless of their content, according to Emily Schechter of the Chrome Security Team.

Chrome 56, which is slated for a January release, will "mark HTTP sites that transmit passwords or credit cards as non-secure", writes Schechter.

Changes such as this will be added incrementally, until finally, "all HTTP pages [will be marked] as non-secure" and you'll see the lovely red text and icon above.

It's sufficient to say if you haven't already sorted out a migration plan, certificates, etc., best to get onto it before the end of the year, especially if your sites feature an ecommerce element.

Moving towards a more secure web [Google, via gHacks]


    Does LH (and other allied sites) have a plan for this?

    Currently it's http:// only, and https:// requests are redirected back to an unsecured connection.

    Last edited 12/09/16 10:57 am

    Bring it on. Cert's are a lot cheaper these days.

    Heck, you can even get free certs from if money is too toght to mention.

Join the discussion!

Trending Stories Right Now