Do you pay attention to the address bar when you visit a website? Do you check to see whether it starts with HTTPS? You should, and in 2017 it will become even more important that you do.
Google recently announced the release of Chrome 56 in January 2017 that will treat all standard HTTP pages with logins or credit card fields as not secure. We should of course be watching to see if password or banking pages have the padlock and the HTTPS browser information. But from now on, if you use the updated version of Google Chrome, you’ll be told whether the page you’re on is secure or not.
So, if you’re a website owner and you have login pages requiring passwords and you take payments online, it’s time to make sure all your pages are secure for your visitors. If you don’t, you could find your traffic drops as more people search for a website they know they can trust.
Google’s blog indicates the changes will occur gradually. To begin, they’ll add the ‘not secure’ notification, but later releases of Chrome are likely to go a step or two further. All HTTP pages will eventually be labelled as such, although by then it’s hoped many more website and company owners will have updated their sites to ensure HTTPS is loaded by default.
So, while changing only your sensitive login and banking information pages to HTTPS will suffice to start, in the long term you should focus on getting every page to display over a secure connection. A significant proportion of sites have already made the move, and more are bound to follow given this new measure announced by Google. It makes sense to make this the year you do the same for your websites.
Please reach out to us if you need any advice regarding adding a SSL Certificate to your website or advice about your website security.