Google’s Chrome browser will add new ‘Not secure’ warnings starting October 2017.

Chrome (version 62) will show a ‘NOT SECURE’ warning when users enter text in a form on an HTTP page, and for all HTTP pages in Incognito mode.

Google has been on the secure browser path for a number of years now and recently announced that Chrome will mark non-secure pages containing password and credit card input fields as Not Secure in the URL bar.  This has been extended to all pages with any type of field including Google’s own search box.

Google’s intention is to protect readers if the content is considered dangerous or deceptive. These sites are often called “phishing” or “malware” sites.

The problem to date has been the detection criteria that Chrome is using.  Chrome often reports a security warning for perfectly good pages and web sites and even pages that are https.  The best example of this is when it warns against visiting Google’s own pages.

It’s difficult for both sides.

• Website owners with safe pages being reported as insecure
• Chrome users seeing false warnings

Yes, we do understand Google is trying to protect us against fraud but is the way to achieve it to require 99.99% of perfectly good pages change because of .01% of bad pages?

What Next?

• Ripefruit customers’ call (03) 9442 4348 and we’ll save you $$$.
• Website owner – purchase a security certificate and secure your website
• Chrome users – decide whether to continue using Chrome in the face of false warnings.
• Read 2018 Update

Browsers

• Mozilla Firefox
• Google Chrome
• Opera
• Microsoft Edge
• Safari – Apple IOS

Security Certificate

Website owners have the choice of buying a certificate from their hosting company or from a security certificate supplier.

Pro’s and Cons

• Hosting company: higher price but will install the certificate
• Certificate supplier: lower price but no installation

Do we start a campaign aimed at either getting Google to change its Chrome policy or Users to change browsers?