Through 2017 and into 2018, we have seen the use of HTTPS grow substantially. Last Fall Google announced the following status:
Google helped to drive this growth by implementing the “Secure” and “Not secure” status in Chrome’s status bar. “Secure” was provided for HTTPS sites. “Not secure” was implemented progressively, first resulting for HTTP pages requiring a password or credit card number. Then resulting for HTTP pages where text input was required.
In Chrome 68, which will be released in July 2018, we can expect “Not secure” to be provided for all HTTP pages.
The new indicators will help encourage all website owners to deploy HTTPS on all pages that are supported by global browsers. In addition to showing the “Secure” indicator, HTTPS provides some of the following advantages to domain owners and browser users:
The downside is the “Secure” indicator will drive attackers to use HTTPS for fraudulent activities such as phishing. Hopefully, Google and other browser vendors are considering more reliable methods that steer their users away from phishing sites.