last updated: August 2021
Version 68 of the Google Chrome browser introduced a new “not secure” warning in the address bar that appears whenever you visit an unsecured web page. the latest version of chrome also has a popup when you click on the message explaining “your connection to this site is not secure” and a warning not to enter sensitive information on the site.
the “not secure” warning means there is a lack of security for the connection to that page. it is alerting you that the information sent and received with that page is not protected and could be stolen, read or modified by attackers, hackers and entities with access to the internet infrastructure (such as internet service providers (isps) and governments) . the “not secure” warning does not mean that your computer or the site you are visiting is affected by malware. it only serves to alert you that you do not have a secure connection to that page.
Website owners have a responsibility to protect their site, and while site visitors cannot change an “not secure” warning, they can request that website owners implement security measures. This article will cover what’s behind the “not secure” warning and what site owners and visitors can do to fix it.
First, note that the warning appears differently in different browsers. this is what the “not secure” sign looks like in chrome, safari and firefox.
“not secure” warning in chrome:
“not secure” warning in safari:
“not secure” warning in firefox:
http → “not secure”, https → “secure”
Unsecure websites display the “not secure” warning that appears on all pages that use the http protocol, because it cannot provide a secure connection. historically, this had been the main protocol used for internet communication.
Over the last few years, websites have transitioned to https (the s stands for “secure”), which provides encryption and authentication and is used by millions of websites, including google, facebook, and amazon, to protect your information while browsing. , log in and make purchases.
Please note that some websites may only support secure https connections on some but not all pages; in these cases, you may see the “not secure” warning only on unsecure pages.
If you’re a visitor or owner/operator of a website using http and see this warning, here’s what you can do.
for website owners/admins
The “not secure” warning is displayed on any page served over http, which is an insecure protocol. If you see this warning on a site you own or operate, you should resolve this by enabling the https protocol for your site.
https uses the tls/ssl protocol to provide a secure connection, which is encrypted and authenticated. using https requires that you obtain a tls/ssl certificate, and then you can install that certificate and enable the https protocol on your web server.
If you are the technical administrator or developer of your site, you should start by assessing whether you currently have https support. Some sites are partially supported, meaning they have either implemented https in some parts of the site or have not chosen to serve the site over https by default. If so, find out what steps need to be taken to implement https throughout your site and by default. our guide to setting up https everywhere will help you get started.
If you don’t have https implemented, start by reading our guide on choosing the right type of tls/ssl certificate to help you determine which tls certificate you need. your needs will vary depending on how many domain names you operate and whether you want your business validated for greater user trust. then review our guide to https everywhere to understand the steps you need to take to support https by default.
All major web browsers, including google chrome, mozilla firefox, microsoft edge, and apple safari, have a user interface that will warn users about insecure pages, so it’s important to support https for both the security and security benefits. for the optimal user. experience. Also, many new web technologies require https and some of them can improve the performance of your website.
for website visitors
The reason you see the “not secure” warning is because the webpage or website you are visiting does not provide an encrypted connection. when your chrome browser connects to a website, it can use http (not secure) or https (secure).
any page that provides an http connection will generate the “not secure” warning. You should avoid conducting any confidential transactions on these pages, including logging in or providing personal or payment information. browsing unsafe sites could also put you at risk if you are viewing information that is dangerous or not allowed in your country.
As a visitor, you cannot correct the cause of this warning. the only way to solve the problem is for the website operator to obtain a tls certificate and enable https on their site. this will allow your browser to connect securely using the https protocol, which it will do automatically once the website is configured correctly.
If a site you frequently use shows the “not secure” warning, you should contact them and ask them to start supporting https. You can also try manually replacing http with https in the url, as some sites may have partial support for https but don’t offer it by default.
Keep in mind that even basic http browsing, like searching for recipes or reading news, what you’re viewing can be monitored, changed, and recorded by entities like your ISP or the government. this effectively means that you have no privacy when you browse such pages. on public Wi-Fi networks, such as at a coffee shop or airport, there is an additional risk of local attackers (other computers on that network) who can see and monitor the pages you are viewing, the information you are sending them, and what you are searching for .