Want to keep the TNW Conference vibe going?? Tickets for TNW2022 are available now >>

The heart of tech

This article was published on July 25, 2018

Here’s what Chrome’s new ‘Not secure’ warning means

Here’s what Chrome’s new ‘Not secure’ warning means
Abhimanyu Ghoshal
Story by

Abhimanyu Ghoshal

Managing Editor

Abhimanyu is TNW's Managing Editor, and is all about personal devices, Asia's tech ecosystem, as well as the intersection of technology and Abhimanyu is TNW's Managing Editor, and is all about personal devices, Asia's tech ecosystem, as well as the intersection of technology and culture. Hit him up on Twitter, or write in: [email protected].

If you’ve updated Google Chrome to version 68, which rolled out this week, you’ll likely begin seeing a ‘Not secure’ warning in the address bar.

That’s to let you know that the site you’re visiting is not HTTPS-enabled, and the traffic is being transmitted over the old, less secure HTTP protocol. That means a hacker could spy on the data you’re sending and receiving from the site in question (such as passwords and credit card numbers), and even hijack the connection to run a phishing scam or redirect you to a malware-laden page.

HTTPS sites encrypt the data that’s being transmitted between your device and their servers, so you’re far less vulnerable to such attacks.

Here’s what the new warning looks like in Chrome 68:

Chrome v68 displays a 'Not secure' warning on HTTP sites
Chrome v68 displays a ‘Not secure’ warning on HTTP sites

Google noted that 83 of the top 100 sites on the web now use HTTPS by default, which is great. But as security researcher Troy Hunt noted, that leaves out some major ones, including Baidu, QQ, and JD.com in China (which are among the top 15), and Twitter’s t.co domain, which it uses to redirect people from its platform to linked pages in tweets.

If you spot a ‘Not secure’ warning while browsing, you’ll want to be careful about entering sensitive information on that site. Hopefully, this move will encourage more webmasters to migrate their sites to HTTPS soon – Google even has a guide on how to do it for free.