In October 2017, all websites with any kind of text input will be required to have an SSL certificate or be “punished” with a red “Not Secure” warning in Google Chrome. In layman’s terms, this means that instead of the standard “http://” prior to a web address, the heading would need to read “https://”. For sites that have been properly secured with an SSL certificate, a lock icon and the word “Secure” should appear in the header.
This is the second part of Google’s long-term initiative to help users browse the web safely by labeling HTTP pages as non-secure. In January 2017, when Chrome 56 was released, Google began the process by marking unencrypted sites that transmit sensitive information such as passwords and credit card information via the web as “Not Secure.” The intent is to warn users that their personal information can easily be compromised or intercepted in plain-text format if they submit it to a non-secure website.
Additional warnings will be activated when Chrome 62 is released in October, and this release will extend the “Not Secure” warning to all unencrypted sites with any form of text input as well as well as those accessed using Chrome’s Incognito mode.
Visitors to a non-secure website will still be able to use the site’s eCommerce portal and text input forms, but Google hopes to discourage users from doing so by making them aware that their information may be compromised without the security feature in place. This puts pressure on website owners to take action or risk losing business.
Eventually, Google plans to require all websites to maintain an SSL certificate or be labeled “Not Secure.”
If you’re not up to date yet, don’t feel bad—even some of the largest websites in the world are not yet HTTPS secured, but are transitioning that way. But don’t wait. The time to make the change is now. Future websites will all embrace these security measures, whether they incorporate eCommerce functionality or not.
Get Orpheus’ Special Pricing on SSL Certificates in September 2017
Orpheus is helping website owners to transition to SSL secure sites before the October deadline by offering limited-time special pricing on SSL certificates through September 30, 2017.
What is an SSL Certificate?
SSL is defined as Secure Sockets Layer, a standard security technology that creates an encrypted link between a client’s website and the server, or a mail client and mail server like Outlook, to ensure that all data that passes between the server and the browsers remains private. It does this by authenticating the identity of the server and encrypting transmitted data, typically with strong, 256-bit encryption.
Without an SSL certificate, data sent via the Internet to your website may be able to be intercepted by hackers and scammers who can read your visitors’ username, password and credit card numbers in plain text format. It is also possible for them to pose as your website to steal information. Encryption ensures that only the intended recipient can read the data.
How Do I Get HTTPS?
According to Google’s Transparency Report, “In order to provide encrypted traffic to users, a site must first apply for a certificate from a trusted Certificate Authority (CA). This certificate is then presented to the browser to authenticate that site the user is trying to access.”