Author: Chris Hoffman / Source: howtogeek.com
Starting with Chrome 68, Google Chrome labels all non-HTTPS websites as “Not Secure.” Nothing else has changed—HTTP websites are just as secure as they’ve always been—but Google is giving the entire web a shove towards secure, encrypted connections.
In the future, Google even plans to remove the word “Secure” from the address bar.
All websites should be secure by default, after all.How “Secure” HTTPS Websites Work
When you visit a website that uses HTTPS encryption, you’ll see the familiar green lock icon and the word “Secure” in your address bar.
Even if you enter passwords, provide credit card numbers, or receive sensitive financial data over the connection, the encryption ensures no one can eavesdrop on what’s being sent or alter the data packets while they’re travelling between your device and the website’s server.
This occurs because the website is set up to use secure SSL encryption. Your web browser uses the HTTP protocol to connect to traditional unencrypted websites, but uses HTTPS–literally, HTTP with SSL—when connecting to secure websites. Website owners have to set up HTTPS before it will work on their websites.
HTTPS also provides protection against malicious people impersonating a website. For example, if you’re on a public Wi-Fi hotspot and connect to Google.com, Google’s servers will provide a security certificate that is only valid for Google.com. If Google was just using unencrypted HTTP, there would be no way to tell whether you were connected to the real Google.com or to an imposter site designed to trick you and steal your password. For example, a malicious Wi-Fi hotspot could redirect people to these types of imposter websites while they’re connected to the public Wi-Fi.
HTTPS also provides other advantages. With HTTPS, no one can see the full path of the web pages you visit. They can only see the address of the website you’re connecting to. So, if you were reading about a medical condition on a page like example.com/medical_condition, even your Internet service provider would only be able to see that you’re connected to example.com—not what medical condition you’re reading about. If you’re visiting Wikipedia, your ISP and anyone else would only be able to see you’re reading Wikipedia, not what you’re reading about.
You might expect that HTTPS is slower than HTTP, but you’d be wrong. Developers have been working on new technology like HTTP/2 to speed up your web browsing, but HTTP/2 is only allowed on HTTPS connections. This makes HTTPS…
The post Why Does Google Chrome Say Websites Are “Not Secure”? appeared first on FeedBox.