Last month Chrome came out and announced that all websites that are not HTTPS, will from January next year start to be flagged by them as not secure if the sites either require passwords or take credit card details. The move has been designed to “encourage” firms with HTTP sites to turn them into HTTPS ones.
The motivation for this announcement was to quote Chrome to “help users browse the web safely” and part of “a long-term plan to mark all HTTP sites as non-secure.” So in time this will affect all HTTP sites and not just those that take passwords or credit card details. Below is how Chrome will eventually flag up all HTTP pages.
So exactly what is the difference between a HTTPS or HTTP site? If a website is not HTTPS, it is not secured and it is possible for someone else to interfere with the website before you see it. For a long time, only websites with serious security concerns bothered to get a certificate (which is what sits behind a HTTPS website) – for example businesses taking payments or banks allowing people to log into their accounts, but HTTPS sites have become increasingly common.
From enquiries we have been making to web companies on behalf of clients, changing your site from an HTTP site to become HTTPS is nowhere near as big a deal as it was for example to make a non mobile site, mobile friendly. It is an additional cost however and yet another thing to add to your growing “to do list”.
Is it worthwhile making it the change? We think so. No-one yet knows how the general public will react to these changes, but it is likely to put many users off and that cannot be a good thing for your website. If that were not reason enough it is a widely held view in the Search Engine Optimisation community that making your website HTTPS will give it a google ranking boost as well. So all in all, it probably is really a question not of yes or no but when.