It’s over: starting in July, Google Chrome will mark all the websites that do not use HTTPS as insecure
The transition to an encrypted website has accelerated in recent years. Google already penalizes pages that do not use HTTPS in their search results and, in general, all browsers have been updating their interfaces to make it clear when we navigate through a secure site (that is, with an SSL certificate).
It was a matter of time before the opposite happened: that our browser tried to dissuade us from navigating on pages with unencrypted HTTP. As of July 2018, with the release of Chrome 68, Google Chrome will start marking all HTTP sites as “unsafe” in the address bar:
Chrome already did something similar when we sent information through an insecure web, but now the “not sure” message will appear whenever the HTTP protocol is being used without encryption. This will affect the vast majority of pages that are on the Internet, but not the majority of websites that we visit normally.
The adoption of the HTTPS protocol has grown so much that today more than 68% of Chrome traffic on Android and Windows is over SSL / TLS. In fact, 81 of the 100 websites with the most Internet traffic use HTTPS by default.
According to Google, the new Chrome interface will help users understand that not all HTTP sites are safe. Unlike the HTTPS protocol, HTTP transmits our data in plain text, without encryption. This means that anyone who connects to the same Wi-Fi network could easily spy on our communications and steal sensitive data such as passwords or credit cards.