What is happening?
As of January 2017, new versions of the Google Chrome browser will start warning that certain pages on websites are ‘not secure’.
Initially this will only apply to sites that do not use SSL on login and credit card entry pages.
You can see the effects of browsing a site with SSL enabled by noticing the ‘green padlock’ icon to the left of the web address in your browser. This is typically used by banks and other organisations to protect you from being snooped on whilst carrying out confidential transactions.
Google will eventually mark all pages on websites as ‘insecure’ (not just login and financial pages) unless they are served as SSL pages.
It seems inevitable that other browsers will follow suit.
Impact
Does this matter? Your website will be no less secure because of this change. It will start highlighting the fact that you don’t use SSL to your customers though. People may start to think that there may be a problem with your website even if you do use the secure services of Paypal or Amazon.
It may even damage your brand when it comes to simple brochure-ware sites that don’t sell anything directly.
Take action
A provider of free SSL certificates has now come forward. This will address the problem effectively for most websites. See our brief article on the free certificates provided by Lets Encrypt.
Some hosting organisations will provide certificates at a premium rate from other providers. They may suit your needs better, but in general we believe that most small businesses will be more than happy with the free product.
Naturally we do not charge to install one of these certificates for our customers.