As part of a series of actions by Google to increase online security, Chrome will flag any HTTP sites using login fields and other input sections as “not secure” starting October 2017. Google has already started marking HTTP sites that collect passwords or credit cards as not secure in Chrome v. 56. Since this change, there has been a 23 percent reduction in visits to HTTP page that prompt a password or credit card info on desktop.
What are the options to maintain the security of your sites and avoid being flagged?
As Google rolls out these changes, the Chrome team urges websites to transition to HTTPS. HyperText Transfer Protocol Secure that encrypts all communication between browser and website using an agreed-upon “code” that scrambles any messages sent. This keeps information safe from hackers. HTTPS only guarantees a secure connection if users are communicating with real websites, not a malicious website impersonating a legitimate one.
Aside from transitioning to HTTPS, websites can implement SSL certificates. These certificates establish an encrypted link between browser and web server that HTTP sites don’t provide. The links ensure that all data passed between web server and browser remain private and integral. Allowing automated SSL integration within your domains will certify that your websites will always stay secure. They are quick and easy to implement.
Managing websites/ landing pages with DevHub allows for automated issuance of SSL certificates. This service will help ensure that your websites meet web safety standards and protect your visitors’ information.
“We never wanted to build a company that was scared of what Google would do next…so we always keep up with the latest web standards on behalf of our customers.”