As far as Google is concerned, unencrypted HTTP web connections should be nearing the end of the road.
In 2014 at the I/O conference, it declared “HTTPS everywhere” as a security priority for all web traffic, followed in 2015 by the decision to downrank plain HTTP URLs in search results in favour of ones using HTTPS (where the latter was available).
A year ago, it started labelling sites offering logins or collecting credit cards without HTTPS as ‘not secure’.
In a symbolic moment, it has now confirmed that with the release of Chrome 68 in July, this label will be applied to all websites not using HTTPS.
It’s a small change that streamlines the slightly confusing way Chrome denotes the presence or absence of HTTPS in address bars. From July, the ambiguous grey ‘i’ icon used to tag many non-HTTPS sites today will be supplemented by a clearer ‘not secure’ label. This will look like:
Other browsers (Firefox, Edge, Opera) rely on green or grey padlock symbols to denote HTTPS sites, dropping back to more than one type of grey icon for non-secure HTTP.