Google recently sent out bulk messages via its Google Search Console to its users warning them of an update and prompting them to make necessary changes to accommodate it. The warning was sent to make sure that the websites’ login page is served over HTTPS.
The official warning read –
“Beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as “Not Secure” unless the pages are served over HTTPS.
The following URLs include input fields for passwords or credit card details that will trigger the new Chrome warning. Review these examples to see where these warnings will appear, and so you can take action to help protect users’ data. The list is not exhaustive.”
Google also released a set of URLs along with the warning message that would trigger a warning when opened.
Many sites still use logins on HTTP, which is now considered non-secure in Chrome 56 for domain.com, and users using these sites, will soon be displayed a security warning. Google even sent out a warning post on Google+ that read –
“From the end of January with Chrome 56, Chrome will mark HTTP sites that collect passwords or credit cards as non-secure. Enabling HTTPS on your whole site is important, but if your site collects passwords, payment info, or any other personal information, it’s critical to use HTTPS. Without HTTPS, bad actors can steal this confidential data. #NoHacked”
This isn’t the first time that Google has made a move towards HTTPS. Back in 2014, Google had announced that going HTTPS will give a ranking boost to the website.
Solutions to the problem
- Switching your website to HTTPS completely.
- If not 1), provide a link to a secure HTTPS page that would allow for visiting users to login there.
We are an up and coming consultancy aiming to simplify digital media for business. Visit our website to learn more about our service offerings.