Google Will Soon Start Shaming All Sites That Don’t Use HTTPS as 'Not Secure'

Image: Google via YouTube
Image: Google via YouTube

HTTPS, or the secure version of the ubiquitous Hyper Text Transfer Protocol, can’t solve every problem when it comes to online security. As far as preventative measures go, however, it’s relatively cheap to implement and serves as a strong baseline before tackling other, more difficult issues.

That’s why, starting in July 2018, Google will start labeling all sites still using unencrypted HTTP as “not secure” on version 48 of Chrome. Hopefully, this sort of tagging will inform users about how sites they visit operate, while also putting a bigger burden on websites owners to switch over.

Right now, Google says, 68 percent of Chrome traffic on Android and Windows is protected, while that number rises to 78 percent on Chrome OS and Mac, with 81 of the top 100 sites on the web using HTTPS by default.

Image: Google
Image: Google

However, there are still a number of major sites like,, and that still don’t use HTTPS. But what could be an even bigger problem for these sites is that, in addition to security concerns, Google also uses HTTPS as a ranking metric for search. That means that by continuing to hang on to HTTP, those sites should be getting less traffic directed their way than they otherwise would, which presumably has an effect on the site’s revenue.

Labeling sites using HTTP not secure is something Mozilla has also toyed around with, too, after it implemented a similar approach to sites using HTTP in Firefox Nightly version 59 back in December.

Senior reporter at Gizmodo, formerly Tom's Guide and Laptop Mag. Was an archery instructor and a penguin trainer before that.

Share This Story

Get our `newsletter`


A website can be perfectly secure (by any and all means) even if it’s not using HTTPS, and can be perfectly insecure even if it’s using HTTPS. Because of that, this terminology and labeling is as silly, as it can get, and only erodes the meaning of the word “secure”.