Google puts screws to HTTP with new warnings in Chrome
Google today continued its campaign to tighten the screws on unencrypted web traffic as it outlined the next steps it will take with Chrome to warn users of insecure connections.
Starting with Chrome 56, which is currently scheduled to ship in stable format on Jan. 31, 2017, the browser will mark sites that transmit either passwords or credit card information over HTTP connections as “non-secure.”
The move will be “Part of a long-term plan to mark all HTTP sites as non-secure,” Emily Schechter, a product manager in the Chrome security team, said in a post to a company blog Thursday. The plan, Schechter continued, “will take place in gradual steps, based on increasingly stringent criteria.”