Google says security should be so normal you don’t see it. But bad security should be in your face.
Google is phasing out the green lock icon and “Secure” label next to URLs on Chrome — emphasizing that safe websites should be the norm.
Right now, all HTTPS websites show that lock and label if you’re visiting the page on Google’s Chrome browser — telling you that you’re visiting a. Google’s goal is to make sure 100 percent of the internet is HTTPS, and it’s getting pretty close.
In May 2018, 83 percent of websites visited by people browsing on Chrome using Windows were HTTPS pages. It’s gotten to the point for Google where you’re much more likely to visit an HTTPS page on Chrome than a nonsecure page.
With that mindset, if something is the norm, you don’t really need a label telling you that everything is normal. So Google is choosing to get rid of the “Secure” label with Chrome 69 in September and will eventually stop displaying the lock, too.
“Since we’ll soon start marking all HTTP pages as ‘not secure,’ we’ll step towards removing Chrome’s positive security indicators so that the default unmarked state is secure,” Emily Schechter, a Chrome security product manager, said in a blog post Thursday.
Instead, Google will choose to make a bigger deal out of people visiting non-HTTPS websites, with a red warning icon and a “Not secure” label in the URL bar. That’ll start showing this October.
Google earlier this year announced plans to show “Not secure” for all non-HTTPS websites starting in July.