Websites with text input will require SSL certificate to avoid a “Not Secure” warning
Websites with any kind of text input will require an SSL certificate if they want to avoid a “Not Secure” warning. With its next update to Chrome 62 rolling out as I write, Google Chrome, the most-used web browser will begin showing sites without an SSL certificate as ‘Not secure’ when visitors enter data. A SSL certificate encrypts messages and information sent to your website, and will show the secure green padlock in the browser bar (in Chrome). Sites with an SSL certificate also have a https web address rather than a http one.
In practice this means visitors completing checkout forms, filling in contact forms, entering information or logging in to their account, will see a Not Secure notice.
All http sites in incognito mode will also show as insecure. And furthermore, from some time next year, it is likely that Google will show all http sites as insecure as part of its drive to make the web a more secure place.
“Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS,” – Emily Schecter from Chrome Security Team.
Of course, when a visitor to your site sees this, it is highly unlikely that they will proceed.
If your site requires visitors to fill in data via, for example, membership, checkout or contact forms you are highly recommended to get an SSL certificate as soon as possible. Furthermore, Google also slightly favours sites with an SSL certificate in search results.
Many hosts offer a free SSL certificate via Let’s Encrypt or you may have one included in your hosting package. If not you may have to purchase one from your host.