That's right, they're BIG, but before that ...
From January 2017 Google Chrome is getting serious about websites that don’t use encryption to keep you safe from the bad guys.
Do you know what encryption is?
Do you know if you're site uses it?
Do you know the sites that you visit are using it? Including this one?
The answer to that last one is yes I am 🙂
Do I care?
YES YOU SHOULD!
What will happen if I do nothing?
However, if they are using Google Chrome, the first effect of this is visitors could be put off from accessing your site, as Google Chrome will show a warning message, telling the visitor your website is not secure, before they see anything else on your website. Pretty big, right ?
Now, you may be thinking "well I 'know' my visitors are using 'X' other browser & I therefore don't care", now going to answer that "for now" part I spoke about before. If Google are doing it now with their browser, you can bet that the browser wars will not let them get one up on them & soon all of the browsers will follow, meaning even your visitors with their other browser will see a similar message, saying your website is unsafe and that they should turn around and run (maybe not so dramatically as that, but you get the idea).
OK, I need it then. What’s it all about?
The NEW HTTPS – note the extra 'S' at the end, stands for ‘Hypertext Transfer Protocol SECURE’. Regular users of sites such as Amazon will recall that it already appears and what it actually does is prevents eavesdroppers from seeing information that visitors to your site send to you or receive from you by encrypting it so that only the server can decode it.
As from January, this is how address bars will look ...
Unsecured Address (URL)
Secured Address (URL)
What is SSL/TLS?
SSL/TLS – those stand for Secure Sockets Layer & Transport Layer Security.
SSL has been around for a while and now the latest upgrade is known as TLS. They are both effectively stamps of approval that a website is secure and are officially referred to as certificates. If you go to a website that has no padlock on the address bar and change http:// to https:// the site will still load BUT without SSL/TLS a warning will be displayed by Google Chrome that even though you have requested information on a secure connection, the data is not being sent by that method and that the site may not be totally secure – many will heed the warning and move elsewhere!
So, what does this mean? It means you must provide information about yourself as the domain/website owner and the website itself. Once a certificate is issued it is installed on the server and provides these security benefits:
Google has issued an announcement that it plans to label ALL sites that only use http as non-secure as a step towards making the worldwide web a safer place.