SSL is the secure protocol used to protect sensitive information on the web. You know you’re protected when you see the green-colored lock in the address bar, followed by HTTPS (instead of simply HTTP). In the past, SSL was seen as a requirement only for ecommerce transactions and forms that handle sensitive information. But more and more, SSL is becoming a requirement for all sites. Here are some upcoming “deadlines” that should convince you to add SSL to your site before the new year.
Starting in January, Google’s Chrome browser will mark sites that have password forms or credit card forms as non-secure if they collect that information over standard HTTP. Eventually, the plans are to mark ALL plain HTTP pages as non-secure–including the alarming red icon that alerts users of the risk to their personal data.
Beyond that, there are two different types of SSL. If you implemented SSL some time ago, you still may not be safe. The older “SHA-1” signing algorithm is no longer considered safe, and all sites are encouraged to switch to the newer, more secure “SHA-2” algorithm. Chrome 56 will roll out in January 2017, and the new Chrome version will flag all SHA-1 sites with a full-page warning, advising users NOT to proceed. Firefox will begin warning users in February 2017, and Microsoft browsers are slated to flag SHA-1 sites beginning in “early 2017.” You can check your own website’s SSL implementation by visiting https://shachecker.com.
Finally, WordPress (which now powers more than 25% of all websites) has announced that upcoming versions of the CMS will include features that require hosts to support HTTPS, for enhanced privacy and security.
So if you’re still dragging your feet on SSL, this is the time to act. January 2017 is your deadline.
If you have questions about this topic, or other questions/suggestions about website development, brand development, or digital marketing, please send an email to [email protected]. We appreciate your feedback, and enjoy helping you make the most of your brand and your online presence.