Avoiding “Your connection to this site is not private” warnings in Google Chrome 56
Google has announced that with Chrome 56, which is currently scheduled to be released in January 2017, all non-secure pages containing password and credit card input fields will be marked as Not Secure in the URL bar. This warning could have a negative impact on your site by scaring off users who may not know any better. Fortunately, Google has provided an example of the proper way to secure all password and credit card input sites.
The Quick Fix: Redirect to a Single HTTPS Page
If you currently have a login and/or credit card input on an HTTP page, you will have to redirect the browser window to a secure page – an iframe within the non-secure page will not work.
The Long Term Solution: Migrate to HTTPS
Eventually, Chrome will show a “Not Secure” warning for all pages served over HTTP, regardless of whether or not the page contains sensitive input fields. Even if you don’t migrate to HTTPS now, you should plan to in the very near future.
Have questions about HTTP vs HTTPS? Want to know if your site is secure? Send us a note!