PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Google Chrome to Put Unencrypted Websites on Notice

A warning label will start appearing next to unencrypted sites that handle sensitive data early next year.

Tom Brant
 & Tom Brant Managing Editor

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

As Google closes in on its goal to encrypt 100 percent of Internet traffic going to and from its servers, the search giant will shame the owners of external websites into encrypting their traffic as well.

Beginning in January, users of Google's Chrome Web browser will see a conspicuous "not secure" label next to certain websites that use an unencrypted HTTP server. The label will only appear for sites that transmit passwords or process credit card transactions.

Chrome Encryption Warning

As Google points out in a blog post today, a "substantial portion" of Web traffic has already transitioned to HTTPS, and we imagine the portion is even higher for sites that accept passwords and process transactions. That means few users of mainstream sites will see the warnings. If they do, it's an indicator that the site they're browsing isn't keeping up with encryption standards.

But Google plans to go further. Eventually, Chrome will slap an even more alarming "not secure" label on any site that uses HTTP, not just those handling sensitive data. That future label will be red and display the same exclamation mark Chrome currently uses to indicate a critical error with the way a site is displayed.

Google didn't give an exact date for when that will happen, but it offered a clear warning to website owners dragging their feet: "don't wait to get started moving to HTTPS." Google's approach here is similar to its rumored plan to shame phone and tablet manufacturers into into releasing more frequent Android updates for their devices.

As for Google itself, more than two-thirds of Internet traffic going to and from Google servers is encrypted, including 100 percent of Gmail traffic. So it's a safe bet that the Chrome won't be entering the final phase of its "not secure" labeling until Google encrypts all of its own sites.

About Our Expert

Tom Brant

Tom Brant

Managing Editor

I’m a managing editor at PCMag.com focused on PC hardware. Reading this during the day? Then you've caught me testing gear and editing reviews of Wi-Fi routers, printers, laptops, and tons of other personal tech. (Reading this at night? Then I’m probably dreaming about all those cool products.) I’ve covered the consumer tech world as an editor, reporter, and analyst since 2015.

I've covered most major consumer tech events, including CES, Computex, Google I/O, and IFA. I've also appeared on CBS News, in USA Today, and at many other outlets to offer analysis on breaking technology news.

Before I joined the tech-journalism ranks, I wrote on topics as diverse as Borneo's rainforests, Middle Eastern airlines, and Big Data's role in presidential elections. A graduate of Middlebury College, I also have a master's degree in journalism and French Studies from New York University.

The Technology I Use

While most people buy a phone or laptop and stick with it for years, I’m lucky enough to use devices based on Android, iOS, macOS, and Windows daily as part of my job. As a result, I cycle through lots of tech in addition to my IT-issue work laptop. (Yes, that's a ThinkPad.) Personally, I’ve also owned a lot of tech products both cutting-edge and cringeworthy, from the Nintendo GameCube and the original MacBook to the Palm m105 and the CueCat.

Read the latest from Tom Brant

Read full bio