Google applies further pressure on unencrypted websites

18 August 2017

Google are planning to roll out the next phase in their plan to push all websites to use encrypted traffic throughout.

In April, we published a news story Google Chrome and Firefox highlight unencrypted websites explaining how Google and Mozilla wanted all websites to be encrypted throughout (running in https mode instead of http).

Version 62 of Google Chrome, due for release in October, will go further by highlighting http web pages that submit text data of any kind as not secure, as illustrated by Google's own explanatory graphic below:

 

There are two particular points to note here:

When the page loads, the address bar will look exactly as it does at the moment and only when the user starts entering text into a web page will it change to show the "Not secure" label.

The significant change is that this will apply to any page that allows entry of data - for a significant number of websites, this may affect every page simply because every page features a search box!

Do I have to do anything?

Building websites to always run in encrypted mode has been standard only since early 2016 and older sites will generally only switch to encrypted mode when transmitting sensitive information (such as a login user id or password). This was normal practice.

Our April newsletter highlighted a number of well-known websites that were not running with always-on encryption; since that time, only one (BBC) has changed to force encryption.

Google is only one producer of web browsers (albeit a well-known one) and it remains to be seen how much effect this most recent announcement will have. With a significant number of leading websites not running throughout in secure mode, it is likely that most users will be so used to seeing the "Not secure" message that they will ignore it unless entering sensitive information (when all sites should be in secure mode anyway).

We do, however, strongly recommend that you do move to an always-on encryption mode for your website, if you do not already do so.

As highlighted in our previous news story, however, this is not necessarily straightforward, as it depends on a number of factors, such as the age of the site and how you have added in content (such as images and video) via the CMS.

For further information please visit https://security.googleblog.com/2017/04/next-steps-toward-more-connection.html

Call Back
This site uses cookies. By continuing to access this site you are accepting the use of cookies by this site.
Read more about cookies...
OK

Cookies are small text files stored on your device when you access most websites on the internet.

This Website uses cookies in order to make the Website easier to use, to support the provision of information and functionality to you, as well as to provide us with information about how the Website is used so that we can make sure it is as up to date, relevant and error free as far as we can. Further information about the types of cookies that are used on this Website is set out in the box below.

By using this Website you agree to our use of cookies. You can choose to restrict or block cookies set on the Website through your browser settings at any time. For more information about how to do this, and about cookies in general, you can visit www.allaboutcookies.org. Please note that certain cookies may be set as soon as you visit the Website, but you can remove them using your browser settings.

However, please be aware that restricting or blocking cookies set on the Website may impact the functionality or performance of the Website, or prevent you from using certain services provided through the Website. It will also affect our ability to update the Website to cater for user preferences and improve performance.

We don’t sell the information collected by cookies, nor do we disclose the information to third parties, except where required by law (for example to law enforcement agencies).

We may sometimes embed content from 3rd party websites such as YouTube. As a result, when you visit a page containing such content, you may be presented with cookies from these websites. We do not control the dissemination of these cookies and you should check the relevant third party's website for more information.

Cookies We Use

Cookie Description
CookieConfirm The presence of this cookie is used to remember the fact that you have confirmed that you are happy to accept cookies
ASPSESSIONIDxxxxxxxx This is a Session Cookie (session cookies are temporary and are erased when you close your browser). It identifies you from one page to the next and is used, for example, to keep track of your logged-in status.
UserID, account, password These cookies are used to remember your login credentials for when you next visit our website. They are only created if you choose the “Remember Me” option on the login page.
_utma, _utmb, _utmc, _utmz These are cookies created by Google Analytics and are used to provide us information on which web pages are the most popular, and the most popular search terms used by visitors arriving at our site.