Google Chrome team has started working on their experimental proposal to show non-secure websites as dangerous to the users. This warning would be shown similar to the padlock icon shown explicitly for the secured websites served over HTTPS/SSL.
The following screenshot shows non-secure warning icon in browser’s address bar for this website, as we have not implemented SSL yet:
According to the proposal document, the idea behind this move is to inform users about the nature of connection with the site, “When there is no data security, the UA should explicitly display that, so users can make informed decisions about how to interact with an origin”. This should also encourage webmasters to implement SSL on their websites.
Although, setting up SSL is quite expensive and requires technical skills, but Google hopes that the upcoming Lets Encrypt project would solve these issues, as it would offer free SSL certificates with easy-to-setup process.
To test out this experiment in Chrome, enable the “Mark non-secure origins as non-secure” flag in the latest Chrome Canary build, and load any non-secure website.
(h/t François Beaufort)