Tonight I have received the first warning message from Google for a website that DOES NOT have SSL security. This email states that Google is taking action NOW against websites that do not protect (encrypt) it’s users details.
If your website already has an SSL certificate, you don’t need to worry (just make sure you renew the SSL when it is due). To check this, please contact me or visit your website in a browser and see if you see the green padlock next to your web address, here is what a ‘safe’ website will look like…
If your website does not have an SSL certificate, in a matter of weeks/days or possible even hours, any of your visitors that use Chrome as their web browser will be warned that your website is UNSAFE.
What you need to do
I have sent out a few emails on this subject over the past few months, so you might be aware of this already. To make your site secure, it needs an SSL certificate. Once purchased and installed, all of your website URLs (links) then need changing from http to https. The site then needs to be checked and validated. Once done, browsers will start to display the green padlock and word ‘secure’ next to your web address.
I hope all of that makes sense. If not, please feel free to give me a call on 01226 741110, 07792 406356 or email firstname.lastname@example.org. Here you can see the email I received from Google…
Google Search Console
Non-Secure Collection of Passwords will trigger warnings in Chrome 56 for http://www.————.co.uk/
To: owner of http://www.————-.co.uk/
Beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as “Not Secure” unless the pages are served over HTTPS.
The following URLs include input fields for passwords or credit card details that will trigger the new Chrome warning. Review these examples to see where these warnings will appear, so that you can take action to help protect users’ data. The list is not exhaustive.
The new warning is the first stage of a long-term plan to mark all pages served over the non-encrypted HTTP protocol as “Not Secure”.
Here’s how to fix this problem:
- Use HTTPS pages to collect sensitive information
- To prevent the “Not Secure” notification from appearing when Chrome users visit your site, move collection of password and credit card input fields to pages served using the HTTPS protocol.
- Read the WebFundamentals article
Need more help?
- Find out more about this change in the blog post “Moving Towards a More Secure Web”.
- Find out how to Secure your site with HTTPS.
- Ask questions in our forum for more help – mention message type [WNC-10026400].
Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043 | Unsubscribe from this type of message | Add partners who should receive messages for this Search Console account.