The web browser Chrome will begin labeling HTTP sites that transmit passwords or ask for credit card details as “Not Secure”

chrome-https

Starting in January of 2017, the world’s most popular web browser Chrome will begin labeling HTTP sites that transmit passwords or ask for credit card details as “Not Secure” — the first step in Google’s plan to discourage the use of sites that don’t use encryption.

Unencrypted HTTP has been considered dangerous particularly for login pages and payment forms, as it could allow a man-in-the-middle attacker to intercept passwords, login session, cookies and credit card data as they travel across the network.

In the following release, Chrome will flag HTTP pages as “Not secure” with a neutral indicator in the address bar of incognito mode, where users may have higher expectations of privacy.

“Chrome currently indicates HTTP connections with a neutral indicator,” Emily Schechter wrote in a blog post. “This doesn’t reflect the true lack of security for HTTP connections. When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.”

Last month, Google also implemented HTTP Strict Transport Security (HSTS) on its main domain (google.com) in an effort to prevent users from navigating to websites using the insecure HTTP.

Google reported that today, more than half of the websites visited by Chrome users are already encrypted.

Not only Google, but Mozilla has also been encouraging users to adopt HTTPS through its Let’s Encrypt project that provides free SSL/TSL certificates for website owners to help them implement HTTPS for their services. (Here’s How to Install Free SSL Cert).”

Author:

source: http://thehackernews.com/2016/09/chrome-https-security.html?m=1

Save

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s