Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Google web security update. Show all posts
Technology
Chrome insecure website alert Google Chrome HTTPS warning Google web security update HTTP insecure sites 2025 Technology

Google Chrome to Show Stronger Warnings for Insecure HTTP Sites Starting October 2025

 

Google is taking another major step toward a safer web experience. Starting October 2025, Google Chrome will begin displaying clearer and more prominent warnings when users access public websites that do not use HTTPS encryption. The move is part of Google’s ongoing effort to make secure browsing the default for everyone.

At present, Chrome only displays a “Your connection is not private” message when a website’s HTTPS configuration is broken or misconfigured. However, this new update goes beyond that — it will alert users whenever they try to open any HTTP (non-HTTPS) website, emphasizing the risks of sharing personal data on unencrypted pages.

Google initially introduced optional warnings for insecure HTTP sites back in 2021, but users had to manually enable them. Over time, the adoption of HTTPS has skyrocketed — according to Google, between 95% and 99% of web traffic now takes place over secure HTTPS connections. This widespread adoption, the company says, “makes it possible to consider stronger mitigations against the remaining insecure HTTP.”

HTTPS, or Hypertext Transfer Protocol Secure, adds a layer of encryption that prevents malicious actors from intercepting or tampering with the information exchanged between users and websites. Without it, attackers can easily eavesdrop, inject malware, or steal sensitive data such as passwords and payment details.

In its official announcement, Google also highlighted that the largest contributor to insecure HTTP traffic comes from private websites — for example, internal business portals or personal web servers — as they often face challenges in obtaining HTTPS certificates. While these sites are “typically less dangerous than their public site counterparts,” Google cautions that HTTP navigation still poses potential risks.

Before the change applies to all users, Google plans to first roll it out to people who have Enhanced Safe Browsing enabled, starting in April 2026. This phased rollout will allow the company to monitor feedback and ensure a smooth transition. Chrome users will still retain control over their browsing experience — they can turn off these alerts by disabling the “Always Use Secure Connections” setting in the browser’s preferences.

This update reinforces Google’s long-term vision of making the internet fully encrypted and secure by default. With the vast majority of web traffic already protected, the company’s focus is now on phasing out the remaining insecure connections and encouraging all website owners to adopt HTTPS.
Read more »
Subscribe to: Comments (Atom)