People rarely take SEO recommendations seriously, especially when there are no direct repercussions of not following them on the horizon.
So, when in 2014 Google confirmed HTTPS as a ranking signal[1] – that is, recommended that all websites should migrate to HTTPS for the sake of their users’ security – few website owners took it as a direct instruction.
According to research conducted by Stone Temple Marketing[2] in 2014 which analyzed the security of 200,000 websites, only a tiny minority of 0.3% switched to HTTPS at that time.
For several years after that, the speed of HTTPS adoption[3] was slow, and yet Google kept sending out the message about the need for a more secure web. So, on September 7th 2016 Google made another announcement: beginning in January 2017, they are going to mark all the non-secure websites visited via Chrome browser.
What that meant was that a warning would be displayed on HTTP websites in the following cases:
- If the page had password or credit card input fields;
- If there was an entry field of any kind on the page;
- If the page was visited in Incognito mode.
A brief history of HTTP warnings
Keeping its promise, Google implemented this feature in a form of a grey warning message in the Chrome address field. Once the user navigated to a website, they were warned that this website was not secure.
The final step that Google will take is to mark those messages red. This way, the warning is way more noticeable, and sends a clear signal to the user: leave or you risk exposing your personal data.
I’m sure I don’t need to spell out what effect this has on