Tomorrow — Tuesday, 24 July — sees the release of Chrome 68. Many people will regard this as just another browser update, but the release sees an important change to the way Chrome handles unencrypted websites.
The new way in which non-HTTPS sites are handled means that Chrome is going to start throwing up warning messages whenever an insecure site is encountered — a reversal of the way things have been up until now.
In previous versions of Chrome, Google would highlight the fact that you were accessing a secure HTTPS site with a label in the address bar. In a complete about turn, with Chrome 68 Google is instead going to warn about sites that are not secure — that is, non-HTTPS sites without a valid security certificate.
On its support pages, Google explains the change:
Unencrypted sites to show “not secure” indicator
For the past several years, we’ve advocated that sites adopt HTTPS encryption for greater security. Within the last year, we’ve also helped users by marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.
The changes will affect both web pages and intranets when Chrome 68 starts to roll out tomorrow.