Security News > 2023 > May > Google Chrome will lose the “lock” icon for HTTPS-secured sites
In September 2023, Google Chrome will stop showing the lock icon when a site loads over HTTPS, partly due to the now ubiquitous use of the protocol.
"We redesigned the lock icon in 2016 after our research showed that many users misunderstood what the icon conveyed. Despite our best efforts, our research in 2021 showed that only 11% of study participants correctly understood the precise meaning of the lock icon," the team explained.
"This misunderstanding is not harmless - nearly all phishing sites use HTTPS, and therefore also display the lock icon. Misunderstandings are so pervasive that many organizations, including the FBI, publish explicit guidance that the lock icon is not an indicator of website safety."
The new "Tune" icon is more clickable, they feel, and it will open website controls that will now include the lock icon as the entry point for information about connection security.
The icon change will also be introduced in Chrome for Android at the same time.
"On iOS, the lock icon is not tappable, so we will be removing it entirely. On all platforms, we will continue to mark plaintext HTTP as insecure," the team concluded.
News URL
https://www.helpnetsecurity.com/2023/05/03/google-chrome-https/
Related news
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Google to let businesses create curated Chrome Web Stores for extensions (source)
- Google says “Enhanced protection” feature in Chrome now uses AI (source)