Starting in October 2017, Chrome will begin displaying a “not secure” warning when users enter text on HTTP pages and for all HTTP pages in Incognito mode. This update comes after a January 2017 update when all pages with passwords or credit card information began to appear with a “not secure” warning in Chrome.
What this means for you
Both Chrome security warnings are gradual steps in Google’s long-term plan to mark all pages served over HTTP as “not secure”.
If you received a Google Search Console notification on August 17th, your web pages with forms or search boxes will be impacted by this update. And, even if you didn’t receive a notification (because you aren’t connected to a Google Search Console account), your web pages will still be affected if the conditions apply.
What you should do
To prevent the “not secure” notification from appearing to Chrome visitors, secure your web pages with forms or search boxes by serving them only using HTTPS. However, it’s recommended to migrate your entire site to HTTPS. Because, as mentioned earlier, Chrome plans to show the warning for all HTTP pages in the future.
Here are examples of when the warning will or will not appear with the October 2017 update:
You can determine how many of your site's visitors will be affected through Google Analytics. Simply review the visit percentage of Chrome browser users:
(Because Chrome auto-updates to the latest browser versions, you can expect the majority of Chrome users to be using version 62 at the time of this update.)
Then, after the update, it is equally important to closely monitor your conversion rate within this audience segment to determine the impact.
What are the benefits?
The benefits of a HTTPS migration extend beyond avoiding a warning. It builds trust in your site's visitors, improving engagement rates and conversion rates. It enables the best performance the web offers and powerful new features that are too sensitive for HTTP. HTTPS is also an identified and confirmed organic search engine ranking signal in Google.
It is difficult to predict the immediate impact of this update. But, it is clear that this is the direction that Google is going and more updates are coming. In addition, other competitor browsers (Apple and Mozilla) are following suit. Don’t wait until it affects your bottom line. The time is now to switch to HTTPS.