Chrome 68 to Flag Potentially Insecure Websites

Posted on July 24, 2018 by Paul Thurrott in Cloud, Google with 4 Comments

Well, it’s finally happening: Starting with its next major release, Google Chrome will flag websites that are not delivered over HTTPS.

Google first announced its plans for this change way in September 2016, when it noted that Chrome didn’t then accurately reflect the lack of security in websites delivered over HTTP.

Since then, Google’s attitude towards insecure website has evolved, however. In October 2017, it announced that it would reverse how website security is identified in Chrome. Now, instead of showing a secure badge for HTTPS sites, it would display nothing; and it would display a “not secure” badge for HTTP sites.

Those changes arrive over the next two Chrome releases. Chrome 68, which Google plans to release today, on July 24, will now flag HTTP sites as “not secure.” And with Chrome 69, due in October, the browser will no longer flag HTTPS as “secure”: Instead, that will be the expectation for websites and only exceptions will be highlighted.

Thanks to Android Police for the reminder.

(Note that has been delivered over HTTPS since its inception in January 2015. –Paul)

Elevate the Conversation!

Join Thurrott Premium to enjoy our Premium comments.

Premium member comments on news posts will feature an elevated status that increases their visibility. This tab would allow you to participate in Premium comments with other premium members. Register to join the other Premium members in elevating the conversation!

Register or Subscribe

Join the discussion!


Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate