Chrome’s Handling of Sensitive Information Changing January 2017
Starting January 2017, Google is changing the way the Chrome browser handles sensitive information. Sites that collect sensitive information, like passwords and credit cards, will be flagged as non-secure if they don’t use HTTPS protocol.
If your site currently is not following HTTPS protocols, you’ll need to enable it on your entire site if you collect payment information or any other type of personal data. If some or most of your pages do not collect sensitive information, enabling HTTPS on your entire site is critical according to Google’s new policy. The new policy will not distinguish between only those pages that collect sensitive information. Your entire site will be flagged non-secure, which could wreak havoc on your search engine optimization efforts.
Without HTTPS information can be stolen by hackers. This is why Google has been an long-time advocate for HTTPS across the Internet. They are campaigning it through the #NoHacked campaign. More importantly, Google ranks sites with HTTPS higher, which means better boosting for your site.
Even if you don’t personally use Chrome, Chrome enjoys 55% of the market share on desktops and mobile devices. Chrome allows you access to more than half of the population browsing the Internet.
If you collect sensitive information, you have until the end of January to migrate your site to HTTPS hosting. After that, you’ll be flagged as non-secure on Chrome. Migrating is easy. Here’s one step-by-step guide.