20 October 2018 update: Google is now marking all non-HTTPS compliant websites as 'affirmatively not secure' with its Chrome 70 update. This means that if the user interacts with any input field, 'not secure' displayed in the browser turns red.
The eventual treatment of all non-HTTPs sites is that they will be marked affirmatively not secure regardless of whether the user interacts with the site or not. There is no target date yet for the final state.
Google is still displaying random screen splashes (see below: 'your connection is not secure') to non-https sites and also gives lower SEO juice to sites which do not comply. See Google notices at the end of this post.
NOTE: this post has been updated several times since the original post in May warning users to get on board to HTTPS as Google would start marking them 'not secure' and 'affirmatively not secure'. We will continue to update this thread as more information becomes available. You can subscribe to this blog to get future updates using the subscribe option at the end of this post.
Think about HTTPS.
Earlier this year Google started gradually marking sites using HTTP as not secure. What a surprise when I came across very familiar sites marked this way. Here's what it looks like if you're wondering what I'm talking about.
Google powers 65% of the web so that alone should make you stand up and take notice. But if not, you should also know that other companies are following suit. With Microsoft, in Internet Explorer, here's what you will see:
Trust is a big issue on the Internet so Google has been encouraging people to move to HTTPs. The problem is that it can cost money, it takes time to do, and your site can be down for some time too. However, HTTPS is becoming cheaper and easier to integrate so Google now wants everyone to get to it.
ImpulseHub and Strikingly Websites
Strikingly supports HTTPS by default so all ImpulseHub designed websites are good to go. Your site will already be on HTTPs.
If you're still on HTTP you need to move to HTTPS to avoid getting nasty 'not secure' messages appearing on your website. Google gave people until July 2018 to get moved or else face the consequences. If you didn't, your visitors will now see 'not secure' on your site. In October, 'not secure' will turn red if the user interacts with any input field.
82% of visitors will not interact with your site if they see it is not secure. See more about this in a great little HubSpot video here.
Checking your site
If you want to check to see if HTTPS is on your site or not, open your site up in a browser and check the address shown. Secure sites will look like the address in the bottom image below. Sites that are NOT currently HTTPS will look like the address on the top.
Upgrading to HTTPS
Note that upgrading to HTTPS is a once off change. It is not something that is done often. The protocol is something that is agreed to and standardized by International committees that include the Internet Engineering Task Force (IETF) and the World Wide Web Consortium (W3C).
If you are not an ImpulseHub client, check with your hosting provider about getting your site upgraded to HTTPS. They should be able to advise you on how best to do this.
Other than the stick of getting people to HTTPS by telling visitors that say your site is not secure, there is a carrot too. Your site will be given preference in terms of SEO. #smallFavours
All ImpulseHub websites are HTTPS as standard
All ImpulseHub websites are secure. Unlike many places, this is included as standard. There's no additional fees, no yearly charge, you don't even have to ask. You get it for nothing. That's right, nada.
If you have questions about whether you site is secure, you want to discuss how to make the most of your website, or make it run better for your business, get in touch. We offer a free 30-minute consultation.
Want more tips & resources?
For more tips and resources, sign up for our newsletter here. We're about helping you in business. Delivered straight to your in-box once or twice a month. Subscribe now.
Google updates on HTTPS:
- In "A secure web is here to stay" (8 Feb 2018), Google says they will mark all non-HTTPS as non-secure from July 2018.
- In "Evolving Chrome's security indicators" (17 May 2018) Google says that they’ll soon start marking all HTTP pages as “not secure”, and step towards removing Chrome’s positive security indicators so that the default unmarked state is secure.
- Timeline on the Chromium Project here includes dates on how Google will make the web more secure.
- Secure Your Site with HTTPS (Google)