Until recently, one way to see if a web page is secure is to look out for the green padlock in the browser (next to the URL). If there was no green padlock you would assume that the web page in not secure – that the communication between your browser and the website is in clear text (HTTP). Google’s preference is for ALL website traffic to be over HTTPS, which is secure and encrypted.
In January 2017, Google had announced that they be introducing various changes over time, in Chrome, when dealing with HTTP web pages.
In September 2018, when Chrome 69 was released, the green padlock was replaced by a grey padlock. In addition to this there is no explicit wording to state that the site is ‘secure’. The end goal being that users should expect all web pages to be secure by default, and to only receive a warning if the site is not secure.
Chrome will be taking even further steps with its security indicators as Google would like to achieve 100% encryption across all websites. So don’t rely on seeing a green padlock as a security indicator, as eventually it won’t apply anymore in Chrome:
In October 2018, Google is scheduled to release Chrome 70. With that release Google advise that they will start showing the red ‘not secure’ warning when users attempt to enter data (eg filling in a form) on a HTTP page. Google believes that these changes will help pave the way in making the Internet safer and more secure.
Implementing HTTPS on a website has become cheaper over time with many hosting companies now offering free SSL certificates. If your website does not use HTTPS, you should take steps to make that happen! See this article for more info. This is something your web developers can help you with.
