Google announced earlier today plans to drop the “Secure” indicator from the Chrome URL address bar and only show a lock icon when the user is navigating to an HTTPS-secured website.
The move is scheduled to take effect with the release of Chrome 69, scheduled for September, this year.
Emily Schechter, Product Manager for Chrome Security, said the company is now comfortable making this move as a large chunk of Chrome’s traffic is now via HTTPS.
Since most traffic is HTTPS anyway, it’s not necessary to draw the user’s attention to the “Secure” indicator anymore.
Instead, Chrome will focus on highlighting situations when the user is accessing an insecure HTTP website. That’s why, Google will be marking all HTTP sites as “Not Secure” starting with Chrome 68, set for release in July.
Furthermore, Google plans to improve the “Not Secure” indicator in Chrome 70 with the addition of an animation that turns the “Not Secure” text to red whenever the user is entering data inside a form on an HTTP site.
These updates are part of a plan that Google references as “HTTPS 100%” that aims to have all sites loaded in Chrome via HTTPS.
“We hope these changes continue to pave the way for a web that’s easy to use safely, by default,” Schechter said. “HTTPS is cheaper and easier than ever before, and unlocks powerful capabilities — so don’t wait to migrate to HTTPS!”