TECH TIP
Google’s recent update to the browser warns users when websites aren’t automatically protecting their communication.
In Version 68 and later, Google Chrome alerts you when a website is not encrypting your connection. Credit The New York TimesQ. Why is Google Chrome giving me warnings about websites not being secure all of a sudden? Is my computer at risk?
A. The increased number of “Not Secure” messages you’re seeing is likely the result of a recent Chrome update. Although it may have seemed like things changed overnight, Google has been on a steady march since 2016 to improve connection security for those using its Chrome browser.
But first, some background: Many sites still use the older Hypertext Transfer Protocol (HTTP) to exchange information with a web browser — even though the data passed back and forth is visible to those who knew how to intercept it. By comparison, sites asking for sensitive data like credit-card numbers generally use the Hypertext Transfer Protocol Secure (HTTPS) instead, as it encrypts, protects and authenticates communications between the website and the user’s browser.
Google is part of an increased security push to make these encrypted connections the default standard for websites. In 2017, the company updated Chrome to start labeling web pages with password and credit-card fields still using HTTP connections as “Not Secure” in order to raise awareness about data security. (The New York Times site began to shift to HTTPS connections in early 2017.)
Earlier this year, Google warned it would begin marking all sites not using HTTPS as “Not Secure.” The company began doing so on July 24 with an update to the Chrome browser — which has led to increased warnings when you visit a site using the older protocol.
Sites using HTTPS have received security certificates from trusted authorities to verify their identities, but the certificates themselves can have different validation levels, some of which are easier (and cheaper) to get than others. To stay safer online, make sure you know the company you are communicating with, and encrypt your own connection with a virtual private network and other tools to protect your data further.
Personal Tech invites questions about computer-based technology to techtip@nytimes.com. This column will answer questions of general interest, but letters cannot be answered individually.
J.D. Biersdorfer has been answering technology questions — in print, on the web, in audio and in video — since 1998. She also writes the Sunday Book Review’s “Applied Reading” column on ebooks and literary apps, among other things. @ jdbiersdorfer