Google Chrome’s Latest Security Update: What It Means For Your Website

  • Google Chrome logo, retrieved February 2017

Google’s developers are pushing for uniform Internet security, but not without its headaches for some.

The January 2017 Google Chrome update took steps toward creating “a more secure Web” by identifying websites and pages that don’t use a secure connection as “Not Secure.” For now, this warning applies to webpages that use entry fields for either passwords or credit card information.

While many a Web developer is now fielding panicked questions regarding their website’s status, the new feature is part of Google’s intentions to secure your sensitive information online. Additionally, ensuring your website’s security is not as difficult a process as it may seem.

What’s the Difference Between a “Secure” & “Not Secure” Website?

Fortunately, this is a very easy thing to determine.

Type the link to your website into a Web browser and hit “Enter.” We recommend using Google Chrome for this, but Firefox (or even Microsoft Edge) will do.

Google Chrome update URL

If your link begins with https://, this means your website is using a secure connection and private information remains private. The Google Chrome update will display this page, and other pages on your website using this connection, as “Secure” in the address bar.

This is a secured URL, using https:// protocol.

If your link begins with http://, this means your website is not using a secure connection. This means your website is more vulnerable to hackers, viruses, malware, etc. If you have included fields for visitors to enter passwords or credit card information, then the Google Chrome update will mark your webpage as “Not Secure.”

This is Google Chrome's warning that your page is not secured.

Why Should I Care?

  1. Google Chrome is by far, the most popular browser in the world. In January 2017, Chrome was by used by over 51% of Internet users worldwide. The second-most popular is Mac’s Safari, which is only used by 14% of Internet users.
  2. Click & Pledge allows organizations to either embed their donation forms on their website, or use a standalone URL that is always secure. If you’re using an embedded form on an unsecured site — even though the form is secure — Google Chrome will still mark your webpage as “Not Secure.”
  3. If potential donors see that your donation form is unsecured, they will be much less likely to donate to your organization using your website. Google is urging the entire development community toward using secure connections. Considering the sensitivity and dangers associated with credit card and identity theft, this should really come as no surprise.

What Should I Do About The Google Chrome Update?

Remember, there’s no need to panic just yet! The process of securing your website and donation forms is pretty straightforward. All you’ll need is to contact your website hosting company, and add an SSL Certificate — a “digital signature” that verifies your content — to your website.

If you need help, you can have your website’s developer or IT administrator look into this for you. But according to Google’s Support team, here are the steps you need to take:

  1. Obtain an SSL Certificate from a certificate authority (CA) to verify your website’s authenticity. This can be done in a matter of minutes and at a very low cost on websites like Servertastic.
  2. Implement 301 Redirects to navigate your users and search engines from your HTTP page to your new HTTPS connection.
  3. Index your HTTPS site with Google.
  4. There are some other common red flags to avoid, all of which Google’s Support team lays out in its Support article.

Remember the old adage: An ounce of prevention is worth a pound of cure. By securing your website with an HTTPS connection, you not only reduce liability and the possibility of hacking attempts, you’ll earn your donors’ trust, too.

Matt Sutherland
Matt SutherlandCommunications Director
Matt’s favorite activities include playing pickup lacrosse games and turning his guitar amp up to 11.