Google Chrome is making a small but vital change in how it keeps you secure
Google plans to stop showing a lock icon for sites using HTTPS
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Googleis planning to remove the lock icon from the address bar inChromewhen users visit secure sites with HTTPS enabled.
The company has long been a proponent ofHTTPSand back in 2014, it even made the protocol one of its ranking factors so that sites still using HTTP would rank lower in its search results.
For those unfamiliar, HTTP (Hypertext Transfer Protocol) is a protocol that enablesbrowsersto send and receive responses fromweb hostingservers. HTTPS (Hypertext Transfer Protocol Secure) works the same way but uses TLS/SSL encryption to secure both requests and responses as opposed to sending them in plaintext.
Now that more than 90 percent of all browser connections in Chrome use an HTTPS connection according to the “HTTPS encryption on the web” section of Google’s Transparency Report, the company is planning to only alert users when a site isn’t using HTTPS.
Connection security indicators
Currently when you visit a site using HTTPS in Google Chrome you’ll see a lock icon in the address bar and when you visit a site still using HTTP you’ll see an icon depicting an exclamation mark in a triangle with the words “Not secure” next to it.
Google is currently in the process of testing a new feature that removes the lock icon for sites using HTTPS and users running eitherChrome 93 BetaorChrome 94 Canarybuilds can test it out for themselves by enabling the “Omnibox Updated connection security indicators” flag.
Once enabled, Chrome will only display security indicators for sites using HTTP. However, businesses can continue to have HTTPS security indicators shown to their employees by enabling an enterprise policy in Chrome 93 called “LockIconInAddressBarEnabled”.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
While Google is still in the process of testing out this feature, it will likely arrive in a stable version of Chrome later this year at which point users will no longer see the lock icon when visiting sites that use HTTPS to secure their connections.
ViaBleeping Computer
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
7 myths about email security everyone should stop believing
Best Usenet client of 2024
Quordle today – hints and answers for Saturday, November 9 (game #1020)
