For the past year or so, the push toward SSL secure websites has been a huge focus in the web development world. The internet as a whole has been moving to a more secure place. The reasons for this are many and everybody should be rejoicing about it. Nobody likes to think about their information becoming available to prying eyes.
As they often do, Google has been leading the pack in this effort. The Chrome browser has become the most-often used browser with almost 79% of the internet being surfed on a Chrome browser. (Firefox is a distant second at 11%. Edge/IE, Safari, and Opera round out the other 10%.)
We wrote about SSL in March of last year, pointing out the many benefits of having an SSL secure website. Google has already started giving ranking preference to sites that are SSL secure. But beginning with Chrome 68, Chrome will be actively calling out sites that aren’t SSL secure. This means that if your site isn’t running an SSL certificate, your visitors will know it. Chrome 68 is due to be released in July.
In a blog post from February, Google outlines their reasons for doing this. The one thing that stands out the most to us as web developers is the fact that securely embedded content isn’t enough to avoid having Chrome’s non-secure warning show up. Many sites are still only securing login forms that are embedded into pages, instead of securing the site itself. This means that your local bank might be trying to look secure. But if there’s no green lock in the browser tab, it’s not really secure.
Moving forward, we expect SSL to become more of a hot topic than it already is. At some point, Chrome may actually block sites that aren’t SSL secure. If you visit a site that doesn’t have the green lock, it’s best to avoid it. And if your own website doesn’t have it, then get in touch with us so we can help.