Google has announced that Google Chrome will begin marking any page with a password or credit card field as insecure if the page is not on HTTPS. The change is scheduled to go live in January 2017, when Chrome version 56 launches.
The biggest impact of this will likely be forums and other user generated content sites, many of which are still on HTTP. This will also impact sites that have password fields via widgets, such as allowing a user to login via Facebook or Google.
It will only impact the specific pages with password or credit card fields. So it will not flag the entire site as insecure. I suspect many will be more conscious of where the logins are located on sites, since many insecure sites have login areas site-wide.
For site owners, this could have an impact on bounce rate and pages per session, as some visitors might feel more uncomfortable on some sites when Google is deliberately flagging it to show insecure.
Google also reiterates that they plan to eventually mark all non-HTTPS as not secure, although they haven’t yet given a timeline on when this will happen.
This isn’t a surprise, and Google has actively talked about changes coming to Chrome to help make users more aware of when a site is insecure. Google has been pushing for sites to go HTTPS for a couple of years now, in a push to make the web more secure, and there is also an associated minor ranking boost for sites that to go HTTPS.
Latest posts by Jennifer Slegg (see all)
- Google Updates Quality Rater Guidelines: Reputation for News Sites; Video Content Updates; Quality for Information Sites - September 13, 2019
- Google Makes Major Changes to NoFollow, Adds Sponsored & UGC Tags - September 10, 2019
- Google Updates Quality Rater Guidelines Targeting E-A-T, Page Quality & Interstitials - May 17, 2019
- Google Local Service Ads Display Pricing Estimates for Specific Locations - August 31, 2018
- Google Testing “Relevant History” Section in Mobile Search Results - August 31, 2018