Google have recently changed how Google Chrome works. Chrome now identifies any website that requires you to input security-related information as ‘Not Secure’, when that website does not provide adequate security and encryption as part of its process. Encryption is important as it protects you from hackers easily ‘eavesdropping’ on your connection and capturing your private information. As a result of this change, we have received numerous enquiries asking what to do and if there is any cause for concern?
This warning only appears on web pages request some form of private information; this includes most ‘login’ screens that need your user name and password, email access, internet banking and online payments. Google is in fact being a good net citizen in informing you that the website you’re accessing doesn’t meet modern security standards
So, is there anything to be aware of and concerned about? Well, Yes and No. Firstly, any website that asks for and stores sensitive or personal information should NEVER display the above warning. Always look at the address of the website and notice that it starts with ‘https://’ and has the green padlock icon – this indicates the site uses secure technology (e.g. modern encryption) and is safe to use. Highly-secure websites such as your bank might also display their company name next to the padlock – this acts as an independent confirmation of their identity and is an extra surety that you are connecting to the legitimate website.
For other types of websites such as discussion forums, clubs and hobby sites, which require you to ‘log in’ in order to participate, having the ‘Not secure’ warning is less critical. For example, if someone hacked your login for your membership of the “Cat Lovers Australia” forums because they were ‘Not secure’, would this really be a major life incident? Probably not! Please also be aware that it will take some time for website owners to react to this change – implementing high security usually requires a re-design of the website and the purchase of an SSL Security Certificate, which are costs and changes that will take time to process. Some website owners may choose not to provide the higher level of security since the risk of anyone trying to hack a chat forum about cats is pretty minimal.
In Summary Always look for https:// and the green, locked padlock icon next to the address of ANY website where you input personal, private information; especially anything to do with banking, payments or financial transactions, government etc. For less important websites such as discussion groups, clubs etc. that require a basic log in for participation, recognise that the “Not secure” warning is just that – a warning that your details could potentially be captured by hackers. However, since websites of this nature don’t hold any critical, private or financial information, the potential for loss or damage is minimal. Proceed with accessing these sites only if you are comfortable in knowing they offer a lower level of security. In the long-term, Google wants every website to implement high-security as standard. This is a good thing and will benefit everyone (helps to defeat fake, scam websites that try to steal your passwords). The “Not secure” warning is a gentle nudge by Google to further drive this initiative. If your website has started coming up as “Not secure” – ask us how we can help you understand and address this issue.