A Quick Primer
There’s a good chance that your website has a URL that starts with HTTP. Until now, that’s likely been acceptable. This past month, we learned that the times, they are a changing.
The short of it is that, if your site has a password to log-in or is an e-commerce site, Chrome is going to throw up a new warning about your site not being secure unless you are serving secure pages.
On the other hand, a secure page has that an SSL certificate—a way of encrypting websites to make them safer and less hackable—will appear with a bright green safety icon that gives visitors a green light to continue browsing.
Does My Site Count?
For those without e-commerce on their sites, this might not sound like all that big of a deal. However, all WordPress sites have a login page which means that WordPress sites will need this security.
Not WordPress or e-commerce? We believe this still matters matter as these warnings are step one in a path towards all pages needing to be secure.
Beginning in January 2017 (Chrome 56), we’ll mark HTTP pages that collect passwords or credit cards as no-secure, as part of a long-term plan to mark all HTTP sites as non-secure..Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.
This means that, soon enough, any site that is not behind HTTPS will show a big red warning sign.
The Time is Now
If you have a website serving up HTTP and want to avoid labels of not being secure, you have until the end of the year to make the change. That’s right. The end of THIS year.
We’ve moved our site over the HTTPS and recommending that each of our clients do this (and are, of course, here to help).