Google announced plans to increase the usage of the "Not secure" indicator on sites loaded via HTTP. The company's plan includes two major changes.
The first is how Chrome marks HTTP pages in the default browsing mode. Currently, Chrome labels HTTP pages as "Not secure" when there's a form field present on the page for entering payment card or password information. This change was added in Chrome in January, with the release of version 56.
Google said yesterday that starting with Chrome 62, expected to be released in October this year, the browser will mark any HTTP page as "Not secure" if the user is entering data in any kind of field, may it be a search field or a simple numeric input. Google released the following GIF to showcase how the feature will work.
The second major change is in "Incognito Mode." Google says that all HTTP pages will be marked as "Not Secure" starting with Chrome 62.
This labeling will happen regardless if there's a form field on the page or not. The Chrome team justified this improvement by saying that "when users browse Chrome with Incognito mode, they likely have increased expectations of privacy."
Google also finally admitted that it does plan to show the "Not secure" flag in the URL bar for all HTTP pages somewhere in the future. More details on Google's path to marking everything HTTP as "Not secure" will be available on this page.