Google Chrome 68 introduces HTTPS as the new security must-have

Raising the bar on website security

UPDATE — JULY 24, 2018: Today Google began rolling out Chrome 68. Now, Google’s browser will display a “Not Secure” warning next to the website in the address bar if the site is not secured with HTTPS.

Attention all website owners, from businesses to blogs! This is a last call to secure your website before some major changes take place on the web — including Google Chrome 68. If you missed the February announcement, Google will be marking all HTTP sites as “Not secure” beginning in July of 2018.

The Google Chrome 68 release in July will mark all HTTP sites as Not Secure.

 

Furthermore, as Google’s objective is to ensure internet users can easily recognize whether sites are safe or not, the Not Secure warning will be prominently displayed on sites without HTTPS secure connection.

In an effort to drive the world toward a more secure global internet, Google Chrome began marking all HTTP web pages with forms as insecure last year, as well as HTTP sites opened through an incognito window. In just a year’s time, such a small change pushed 68 percent of Android and Windows traffic and 78 percent of Chrome OS and Mac traffic toward HTTPS. Now, 81 of the top 100 sites are using HTTPS by default.

Google Chrome 68 Not Secure

How long do I have to secure my website?

Google estimates the release of Google Chrome 68 sometime at the beginning of July 2018. Once they make the jump, other browsers will likely begin to follow.

Part of the HTTPS Everywhere movement, internet browser Mozilla Firefox has already openly stated with Google that their intent is to make HTTPS the new minimum. As an example, in January 2017, Firefox implemented a policy that began marking form elements on HTTP sites as insecure, and they warn users that any login information could become compromised.

How will Google Chrome 68 affect my site?

With about 60 percent of all internet traffic utilized through Google Chrome, a change like this will affect every website on the internet.

If your website does not run HTTPS by default, your visitors will begin to see a flag next to your domain name at the top address bar of the Google Chrome 68 browser showing that your website is not secure.

Further inspection will reveal a warning to the user that they should refrain from entering any personal information into your site for risk of attackers stealing their data. In fact, the lack of an SSL certificate on your site has always left your site vulnerable to content injection, such as a visitor’s ISP injecting ads and malware into your site.

Why are SSLs so great?

Google Chrome 68 requirements might not sound like a big deal for website owners that do not process payments or ask for information, but I will repeat it:

All websites need HTTPS encryption and every website can benefit from an SSL.

 

If you do not currently have an SSL installed on your site, you are already missing Google’s automatic search ranking boost from back in 2014. In addition, Google de-prioritizes HTTP sites. With an SSL installed, your site will have access to powerful API tools that users have come to expect in responsive websites, such as geolocation and audio/video streaming.

If that was not enough motivation, SSLs also unlock a significant performance boost by allowing your site to operate over HTTP/2, which by itself has the capability to improve your load times by up to 40 percent!

Today, visitors look for green locks on their address bars to feel secure before giving trust to a site. An SSL shows legitimacy and professionalism by ensuring your users feel protected while browsing. No website is too small. No data is worthless. With Google Chrome 68, it will matter. Installing an SSL could not be easier with the number of options you have for getting the job done.

How can I secure myself?

Plain and simple, acquire an SSL and install it on your website. While that might sound easy, it can become a daunting and difficult task if not done correctly. If you are the DIY type, you can acquire your SSL free from Let’s Encrypt and install it to your hosting account manually. You will certainly need to be of technical mind, have a basic understanding of shell commands, and, of course, you need to have shell access to your hosting account.

Luckily, there is a much simpler solution.

 

GoDaddy offers one-click SSL certificate install for sites that are hosted with us. For a total peace-of-mind and time-saving solution, our Managed SSL service will install, configure and maintain your SSL certificate for you. We ensure all of your site pages are correctly deployed with SSL to avoid mixed content errors. Plus, we take care of ongoing SSL maintenance and renewal so you don’t need to lift a finger.

GoDaddy offers an extensive range of SSLs — from Wildcards that cover all subdomains of a domain to Extended Validation certificates to give your domain a green bar and business verification.

SSL certificates are so easy, economical and beneficial that it is already a detriment not to have one installed on your site. Do not be left in the dust. Take the time to install an SSL on your site and you will never want to go back — Google Chrome 68 or not.

Image by: Victor Freitas on Unsplash

Johnathen Chilcher
Johnathen Chilcher is a SysAdmin and programmer for GoDaddy by day, a poet and musician by night. His passion has always been laser-focused on technology and the growing universe around us. Chilcher now uses his talented mind and youthful spirit to make a difference and improve upon the world around us.