first published week of: 09/12/2016
Chrome’s security team announced today that the browser will start marking websites that use insecure HTTP connections to transmit passwords and credit card data as insecure, beginning in January 2017. The warning will appear in the address bar of the browser and will call users’ attention to the fact that their personal information could be snooped or stolen.
Eventually, Chrome will add the security warning to HTTP pages when a user visits them in the browser’s “Incognito” mode, and later the warning will roll out to all HTTP pages.
The changes seem intended to pressure site owners to switch to the more secure HTTPS, which encrypts data while in transit and helps prevent the site from being modified by a malicious user on the network. “Don’t wait to get started moving to HTTPS. HTTPS is easier and cheaper than ever before, and enables both the best performance the web offers and powerful new features that are too sensitive for HTTP,” Chrome’s Emily Schechter wrote in a post announcing the changes. continued…