Today’s technological advancement in the world has tremendous security issues, the biggest concern about the web security is user’s data. Chrome indicates HTTP & HTTPS connection of the website with an icon in the address bar. HTTP doesn’t mean that the website is not secure but it means that someone can look at or modify the site before the website loads to the users.
Basically it is not secure to make any payment transactions over HTTP connection with all your Credit Card details or passwords. By far it is more reliable to use HTTPS connection websites which consistently increasing its usage. HTTPS connection encrypts users data over the transportation protocol which helps in securing users data from any attacker who tries to attack.
It is very common that users over web ignores such connection warning as they are not aware about it and many users lack knowledge of such connections. Chrome Security Team has planned to label HTTP sites more clearly and accurately as non-secure will take place in gradual steps, based on increasingly stringent criteria. Starting January 2017, Chrome 56 will label HTTP pages with password or credit card form fields as “not secure,” given their particularly sensitive nature.
As posted by Emily Schechter on https://security.googleblog.com/ says – In following releases, we will continue to extend HTTP warnings, for example, by labelling HTTP pages as “not secure” in Incognito mode, where users may have higher expectations of privacy. Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.
From January 2017, the security warning in the browser will initially display following message
And then as it rolls out to all websites, the warning will look like this:
We will publish updates to this plan as we approach future releases, but don’t wait to get started moving to HTTPS. HTTPS is easier and cheaper than ever before, and enables both the best performance the web offers and powerful new features that are too sensitive for HTTP.