In early 2017, Chrome began prominently labeling certain insecure HTTP sites as “Not secure” in the address bar. Today, Google announced plans to mark all HTTP pages the same way on an upcoming version of the browser later this year.
Chrome 56 in January 2017 marked HTTP pages that collect passwords, credit cards, or other sensitive information with a “Not secure” label. Visible on the left of Chrome’s omnibar, this was aimed at conveying to users that their connection to a site might not be private.
In version 62, the warning was expanded to when users enter any data on an HTTP page, as well as on all HTTP pages in Incognito mode due to an increased expectation of privacy.
Google’s efforts continue with Chrome 68 marking all HTTP sites as “Not secure,” though the gray info icon remains for the time being. Back in 2016, the company noted that the plan is to eventually display an even more prominent red security indicator triangle.
Slated for release in July, this transition comes as 68% of all traffic on Android and Windows is now protected, while that number jumps to 78% on Chrome OS and Mac. The company also notes that 81 of the top 100 sites on the web use HTTPS by default.