Chrome Security Warnings (Forms): A Proactive Stance On Web Safety

On October 17, 2017, Google rolled out Chrome 62, which had a feature that alerts users if they’re visiting an unsecured website, particularly those with internal search boxes and forms. This is a step toward the company’s overarching vision to have all pages served through an encrypted or secure data connection.

What’s It For

About a year before the Chrome Security Warnings update for forms, Google implemented the HTTPS policy to websites that have login fields. If a page has this section for passwords and other confidential information such as credit card details but doesn’t use a secure connection for it, the browser will issue a warning to users and inform them of the risks involved in sharing their data through an unencrypted channel.

For this update, Chrome adds two scenarios where it displays the “Not Secure” warning. One is when users type in information on an HTTP page through forms. The other improvement shows the alert on all HTTP pages accessed using Incognito mode.

Google reiterated its vision to label all HTTP sites as unsecured. The team also added their belief that all data shared by users should be private; that’s why they’re working on enhancing web security by promoting SSL. This protocol ensures privacy through encryption as well as renders information challenging to access and decipher by hackers.

What Were Its Effects

Since Google is one of the most popular search engines, the update paved the way for a more secure web browsing and searching experience for all users. The new warning was part of their overall plan to tag all HTTP pages as “Not Secure.” Now, it’s rare to find sites that don’t use HTTPS and Chrome continues to warn searchers when they’re about to visit a domain that’s unsecured.

What It Means for You

Serving your pages through an encrypted connection has been a ranking factor since August 2014 when Google developers decided to prioritize the security of users’ data. This motivated the webmaster community to use SSL as a default setting for their sites and provide a safe online experience for their visitors.

Back then, it was deemed as a lightweight signal, which means that it doesn’t have a considerable influence on ranking. This gave webmasters ample time to make critical improvements on their websites. Today, using a secure connection is crucial for your SEO.

Here are three reasons why HTTPS is essential for your website:

  • It Boosts Your Site’s Integrity A security protocol helps defend your website against your competitors tampering with the communications or transactions between your domain and visitors’ browsers. It protects your brand against malicious attacks or the injection of intrusive ads into your pages.
    These intruders can take advantage of unprotected connections and deceive your users into sharing sensitive information or downloading malware. Some also insert their advertisements that harm user experiences and lead to security breaches all while thinking that it’s you who’s doing these things when, in fact, you’re the victim.
  • It Safeguards User Privacy and Security As mentioned above, any information sent between your website and users’ browsers should be protected; not just those deemed as sensitive data such as logins, passwords, and credit card details. Each communication between these two parties has the potential to disclose the identities and online behaviors of your visitors.
    While it’s tempting to think that a single visit to your unsecured page won’t be harmful to your readers, intruders collect all sorts of data and study an individual or target group’s browsing activities to understand their preferences as well as intentions. They can use this information for their diabolical schemes.
  • It Future-proofs Your Website and Apps Technology is evolving rapidly, and with this comes new services, platforms, and features that require access to people’s sensitive information. Most of them require user permission to be executed. Older APIs are also being improved with updates to make execution permissions the default; an example of which is the geolocation API. The HTTPS factor plays a significant role in the permission workflows of these features and updates.
    Another SEO benefit that HTTPS can give to your website is that it boosts ranking for the mobile versions of your pages. Most searchers are on their smartphones or tablets nowadays, so this can be a critical factor that influences your site’s position in the SERPs. Enabling HTTPS may also facilitate faster browsing speeds and data encryption, through improvements in the TSL or Transport Layer Security, which leads to a better online experience for your page visitors.