If you’re a Chrome user then you’ll might be interested to know that the following security features are about to land soon in your favorite web browser. Website owners might want to take note as well.
Starting with Chrome version 62, which should come out around October this year (2017), users of the browser shall start seeing a “Not secure” warning whenever they type data over a website which uses plain HTTP connection.
Meaning, when the website you visit has a URL address prefixed by “http”, every time you’ll type something into a text field on the website’s page, the address bar shall automatically present you with a “Not secure” warning.
Contrary to that behavior, if the website you visit has a URL address prefixed by “https” (IWF1 for instance) – then that means the connection is secure (encrypted) thus no warning shall appear.
If you’re often surf incognito mode then you should be aware that Chrome’s security team takes it even further in this case, making the distinction between normal browsing and so called “private” browsing (another name for incognito mode) – the browser will also show a “Not secure” warning whenever you’ll visit a website connected over a plain HTTP protocol, instead of waiting for you to type something in order to display the warning.
According to the security team:
“When users browse Chrome with Incognito mode, they likely have increased expectations of privacy. However, HTTP browsing is not private to others on the network, so […] Chrome will also warn users when visiting an HTTP page in Incognito mode.”
Lastly, the team states that their long-term goal is to mark all Web pages that connect over HTTP as not secure, including outside of incognito mode scope, thus encouraging users to visit websites over secure connection or at least have users aware that their connection could be otherwise prone to malicious acts.