Chrome currently issues a “Not secure” browser warning for pages accepting password and/or credit card data that are not protected by HTTPS. The release of Chrome 62 due in October 2017 extends the “Not secure” warning to include any non-HTTPS page that accepts data from website visitors. In addition, these pages will also show “Not secure” when visited by users in Chrome Incognito mode to protect these users who are considered to use this mode as a security baseline.
With an anticipated release date of October 17, 2017, domain owners still have a few weeks to encrypt any sites that should be protected that might otherwise prevent users from entering their website.
Website owners and administrators need to consider the Always-On SSL concept to provide the following advantages:
Google states that, “Eventually, we plan to show the “Not secure” warning for all HTTP pages, even outside Incognito mode.” The big word ALL should encourage all domain owners to execute on a plan to encrypt all sites with an SSL/TLS certificate to avoid disruptive user experiences.