Google simplified the security icons on the 46th version of Chrome. The goal is to make it easier for users, as they don’t have to learn and worry about all the previous security states shown on the web browser.
Until recently, Chrome marked websites that had some security errors with a yellow caution triangle sign. Now, these websites will fit into the category of nonsecure, eliminating the sign, and marking the website state saying, “HTTPS with Minor Errors.”
“We’ve come to understand that our yellow ‘caution triangle’ badge can be confusing when compared to the HTTP page icon, and we believe that it is better not to emphasize the difference in security between these two states to most users,” said Lucas Garron and Chris Palmer, from Chrome security team on the Google Online Security Blog.
The changes will reduce the number of security states from four to three, trying to represent it as accurately as possible.
Google will use the “neutral icon” on unsecure sites. They believe that removing the badge could mean that most users won’t recognize the warning when entering a “mixed content” site, so they are encouraging developers to switch to HTTPS as soon as possible.
On the blog, they explain that migrating from HTTP to HTTPS can result in “mixed content.” HTTPS is a security protocol widely used on most sites: it authenticates the website and protects the privacy and integrity of the exchanged data.
The mixed content appears when a website doesn’t have the totality of the information encrypted, resulting accessible for hackers and compromising the site’s security. Google’s security team warns that the site may not be fully secured as this migrational process occurs, but usually it will not be less secure than it used to.
“In the long term, we hope that most sites on the internet will become secure, and we plan to reduce the icon to just two states: secure and not secure. The change announced in this post is a small step in that direction,” the press release concludes.