Google's release of Chrome 68 brings with it security improvements; particularly one that has been long-anticipated by the web. Chrome now marks HTTP sites as "not secure." Google announced the change in a blog post, calling it "a milestone" for security.
Google first announced in February that this change would be coming, so we've had some time to anticipate the shift. Marketers and technologists are still catching up, however.
It's estimated that with this change ~30% of web traffic will be flagged as "Not secure" for ~60% of users worldwide (@firt).
Perhaps an even crazier statistic, 50% of the world's top websites are not secure (@mattburgess1). It's time to move to TLS.
What is HTTPS?
HTTPS (the "S" meaning "Secure") is a form of web encryption that secures the connection between the user and the sites they visit.
Websites and ad networks served without encryption are vulnerable to malware injection, a common tactic for low-level cybercriminals. - The Verge
Do I need HTTPS?
It's mostly important for websites that collect or pass information (ecommerce, filling out forms, etc.), so most sites and businesses are behooved to have HTTPS. However, not everyone needs to implement it right away. Personal blogs or project websites likely do not need HTTPS.
When do I need to implement HTTPS?
We can expect Google to start showing a red "not secure" warning on HTTP pages upon entering data into a form by October 2018 (Google). However, since the alert is up in Chrome browsers today, the sooner it's implemented on your site, the better.
How do I implement HTTPS?
It can be different for every website. If you have a Zesty.io site, you likely already have HTTPS. If you are a Zesty.io user and do not currently have HTTPS, we at our support team is happy to lend a hand! Please email firstname.lastname@example.org and we will walk you through the process.