Google Chrome Not Secure warning: Google ups ante on website security

Use GoDaddy’s Unsecure Form Scanner to check your site’s security

We’ve published a number of articles about the imminent shift of browsers in how they treat secure (HTTPS) vs. non-secure (HTTP) sites. Google Chrome is making this shift a reality very soon. Starting in January 2017 Chrome 56 will label HTTP pages that collect personal information such as passwords or credit card details as “Not secure.” Here is an example of the Google Chrome Not Secure warning from the Google Security Blog:

Google Chrome Not Secure Warning ExampleWhat’s the purpose of the Google Chrome Not Secure warning message?

When customers visit your website, they might check the URL in the browser bar to see if it’s a secure HTTPS, rather than HTTP, connection before entering their personal information. But Google research found that many people don’t check first for an HTTPS connection — putting themselves and their information inadvertently at risk, even on some of the world’s most trafficked websites.

The new Google Chrome Not Secure warning puts website security front-and-center.

When a page is loaded in Chrome 56, Google will look for forms that collect passwords and credit card numbers, plus check for valid SSL certificates that provide secure HTTPS connections.

Websites that take in sensitive data but are not protected by SSL certificates will be flagged as “Not secure.”

 

While a great move for protecting web owners and customers alike, the changes could have a negative impact on owners of HTTP websites — many of whom are small businesses who aren’t well-versed on all the latest internet protocol standards. Come January, the Google Chrome security scan will produce a “not secure” warning marked on their sites, driving away potential customers and revenue.

Will your website be flagged with the Not Secure warning?

GoDaddy Website Scanner Check HTTPSTo help you determine whether your site will receive a security certificate error on Google, we launched an Unsecure Form Scanner, a free tool that scans websites for HTTPS and forms that collect login or payment information that may be likely to be flagged with the Not Secure warning.

Use GoDaddy’s free Unsecure Form Scanner to check your site.

 

Users simply enter their website URL into a scan box. Within minutes, the tool identifies pages that aren’t secure, and outlines simple next steps to bring it up to standard. The free Unsecure Form Scanner gives website owners the opportunity to see how their websites will be affected by the Chrome 56 change and to decide whether to take action.

What does the Unsecure Form Scanner do?

This free tool scans your website for two things:

  1. Forms that handle login or payment information.
  2. The installation of an SSL certificate.

This determines whether your site will display the Google Chrome Not Secure warning message to visitors using the latest Chrome browser version.

Why should I scan my website?

You should scan your website to find out if it uses forms that are not secure. If it does, Chrome 56 — to be released in January 2017 — will display a “Not Secure” message to visitors.

What’s the cost?

It’s completely free. No strings attached. If you drop in an URL, we’ll scan it!

Avoid the Google Chrome Not Secure warning on your website by taking a few minutes to scan your site. Get started now by checking your SSL status.

Image by: perspec_photo88 via Visual hunt / CC BY-SA

Wayne Thayer
As VP and General Manager of Security Products at GoDaddy, Wayne is responsible for security products including GoDaddy’s SSL Certification Authority, code signing certificates and partnership with SiteLock. Wayne represents GoDaddy at the CA/Browser Forum, the standards body that defined Extended Validation SSL. When he’s not working or spending time with his family, he enjoys competing in amateur mountain bike races. He completed the famed Leadville Trail 100 race a few years ago.