What Chrome Means by ‘Not Secure’ - The New York Times
Q. Why is Google Chrome giving me warnings about websites not being secure all of a sudden? Is my computer at risk?
A. The increased number of “Not Secure” messages you’re seeing is likely the result of a recent Chrome update. Although it may have seemed like things changed overnight, Google has been on a steady march since 2016 to improve connection security for those using its Chrome browser.
But first, some background: Many sites still use the older Hypertext Transfer Protocol (HTTP) to exchange information with a web browser — even though the data passed back and forth is visible to those who knew how to intercept it. By comparison, sites asking for sensitive data like credit-card numbers generally use the Hypertext Transfer Protocol Secure (HTTPS) instead, as it encrypts, protects and authenticates communications between the website and the user’s browser.
Google is part of an increased security push to make these encrypted connections the default standard for websites. In 2017, the company updated Chrome to start labeling web pages with password and credit-card fields still using HTTP connections as “Not Secure” in order to raise awareness about data security. (The New York Times site began to shift to HTTPS connections in early 2017.)
You may also like:
Earlier this year, Google warned it would begin marking all sites not using HTTPS as “Not Secure.” The company began doing so on July 24 with an update to the Chrome browser — which has led to increased warnings when you visit a site using the older protocol.
Sites using HTTPS have received security certificates from trusted authorities to verify their identities, but the certificates themselves can have different validation levels, some of which are easier (and cheaper) to get than others. To stay safer online, make sure you know the company you are communicating with, and encrypt your own connection with a virtual private network and other tools to protect your data further.
Personal Tech invites questions about computer-based technology to [email protected]. This column will answer questions of general interest, but letters cannot be answered individually.