Chrome Security Warnings Revamped: What You Need to Know

If you use Google's Chrome browser, you may have started seeing warnings that a website is not secure. Here's what it means and what's changed.

What's the change?

Google has changed the way it displays information about websites in the space on the left of the address bar at the top of the Chrome display. Originally this space was only used to indicate when a website was secure via a padlock symbol. Later on Google gave this more emphasis, adding the word "Secure" and marking both in green to stand out.

Until now, the fact that a website isn't secure hasn't been explicitly stated: it's just been indicated by the absence of the padlock and wording. Google then started showing "Not secure" warnings only if and when a page asked a user to fill in a form, such as when submitting a password or card number.

This changes with the latest edition of Chrome, which adds the wording "Not secure" on any relevant page as soon as it loads.

What does "secure" and "not secure" mean?

"Secure" indicates that a website uses the HTTPS system, while "not secure" means it uses the older HTTP system. The difference is that HTTPS sites and pages will encrypt any data that moves between the website and the user's computer, and vice versa.

The encryption means that if anyone intercepts the data, they'll find it incredibly difficult (and practically impossible) to read it. This is important for sending personal information, credit card details, passwords and other sensitive data.

Are there any other benefits to secure sites?

If a site uses HTTPS, it becomes considerably harder for a scammer to intercept data from a website and change the code to change the contents of the page.

For example, in a "phishing" attack, scammers create a fake banking website that looks legitimate, but when the user inputs data into a form, that data gets sent to a third party rather than a legitimate site. They could also put bogus information on the site such as a fake helpline phone number.

What should I do if I see the "not secure" warning?

You don't need to panic as it may simply be that the website operators haven't taken the necessary steps to make their website secure or to make sure that people are redirected to a secure version. However, you should be wary about submitting any confidential or sensitive data through any site that is reported to be "not secure". You'll need to be particularly careful using such sites over public WiFi networks. (Source: lifehacker.com)

Is Google changing anything in the future?

Later this year, Google will phase out the padlock and "Secure" notice altogether. At that stage it will only mark those websites which are not secure. That wording will then be marked in red to make it stand out even more. (Source: blog.google)

What's Your Opinion?

Have you noticed the "secure" and "not secure" change? Do you pay attention to whether sites are secure? Should browser makers do more to make users aware of secure and insecure sites?