Welcome to WebmasterWorld Guest from 22.214.171.124
Be HTTPs by October or Chrome will show "not secure" flag
Starting in October, Chrome 62 will flag any http form & all http pages in incognito mode with a "not secure" warning.I'm using 61.0.3163.100 (Official Build) (64-bit) but I see plenty of warning for non-secure web content. When Chrome 62 is released, the warning are supposed to be more severe.
...Google is moving from a reward system to a punitive one. Websites using SSL continue to get an SEO boost since it became a confirmed ranking signal in 2014, but we noticed a few months ago that Google was blacklisting non-HTTPS websites that allowed password fields and credit card forms to be filled.... Chrome version 62 will be released, and websites with any kind of text input will require an SSL certificate if they want to avoid a “Not Secure” warning in the address bar.[blog.sucuri.net...]
Not Secure labels for some HTTP pages[developers.google.com...]
As we announced previously, starting in Chrome 62, when a user enters data on an HTTP page, Chrome will mark the page as "Not Secure" with a label in the address bar. This label will also be shown in Incognito Mode for all HTTP pages.
Your connection to this site is not secure.Looks like the more severe warnings haven't kicked in yet, giving webmasters some more needed time.
You should not enter any sensitive information on this site (for example, passwords or credit cards), because it could be stolen by attackers.
If you do not have any forms, then there is no "Not Secure" warning.Unless you are browsing "incognito."
This label will also be shown in Incognito Mode for all HTTP pages.My stats say about 4% to 6% currently use it on my sites. The overall stats are a little higher I believe.
may be it is fine on sites which haven't received the warning on Google Console?Googlebot may need to verify noncompliance in concert with the Chrome browser to display the "Not Secure" warning in the address bar. This is a good thing, and would help to avoid false positives.
may be it is fine on sites which haven't received the warning on Google Console?But what if a site doesn’t have a GSC account in the first place, so there’s nobody to warn? It seems a bit counterintuitive to give them a free pass, if this is ultimately supposed to be about protecting the user.
I think everyone has been "warned" quite a bit