Google Plans New Label for Sites With Insecure Password Systems

Peter Roesler, President - Web Marketing Pros

By Peter Roesler

President, Web Marketing Pros

googlelogo_color_284x96dpProviding proper security for websites has become an increasingly important challenge for small business owners. Over the past few years, we have seen multiple situations where insecure websites for small businesses leaked information that can be used by malicious parties. As this will certainly be a problem for years to come, Google has taken a proactive solution to convince website owners to update their websites. In 2017, Google will start labeling in search results when websites have unsecured logins when consumer are using the Chrome browser.

The issue centers on the traditional HTTP format that once ruled the web. While many sites have switched to the more secure HTTPS, there are a lot of websites that haven’t made the change. This problem can quickly grown in size, because people often use the same passwords for different sites. This means that if someone is able to get an email/password combo from one unsecured site, they may have also gained the malicious user with access to more important sites.

To keep its Chrome browser users from falling victim to these kinds of issues, Google will start labeling sites in search (on Chrome browsers) that list sites as being unsecure. Such a label could be very detrimental to overall traffic to the site, and will encourage (if not force) more sites to switch to HTTPS.

In a statement that was sent as warning to people using unsecure platforms, the company wrote, “Beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as “Not Secure” unless the pages are served over HTTPS.

The following URLs include input fields for passwords or credit card details that will trigger the new Chrome warning. Review these examples to see where these warnings will appear, and so you can take action to help protect users’ data. The list is not exhaustive.”

Google elaborated more on the change in an post on Google plus, where they explained how the system will treat URLs from systems that have not upgraded.

“From the end of January with Chrome 56, Chrome will mark HTTP sites that collect passwords or credit cards as non-secure,” the company explained. Enabling HTTPS on your whole site is important, but if your site collects passwords, payment info, or any other personal information, it’s critical to use HTTPS. Without HTTPS, bad actors can steal this confidential data. #NoHacked”

The threat of reduced traffic to their sites is often enough to spur business owners to action. Though there is a cost associated with switching to an HTTPS server, it’s worth it in the long run to help build trust with website visitors. A recent study reported that 53 percent of consumers don’t trust retailers to handle their data properly. Said consumers would be even less trusting if there was a built in warning from Google telling them that the password information they use on a site can be easily stolen by hackers.

Like many of the changes Google has essentially forced onto webmasters, encouraging the switch to HTTPS is good thing for the website that choose to do so. And like the big change with mobile algorithms, Google is offering help to website owners who would be adversely affected when the new label goes into effect.

The plan currently only applies to the Google Chrome browser, but based on the feedback and results, we may see the label expanded to all versions of Google Search. Either way, business owners should be planning to make the switch to HTTPS.

For more news on marketing and advertising, read this article on the growing effectiveness of certain types of ads.

Share This Article