Following on from my post the other day about how the current beta version of Chrome has the ability to mark websites as Not Secure. Google has now confirmed this will be implemented in Chrome 56 release version.

Chrome 56 with password over HTTP

The initial release scheduled for January 2017 will be slightly softer than our original screenshots. The Not Secure highlight will only appear if the website asks for password or credit card information. Yes there are websites out there that ask for sensitive information without using HTTPS.

Chrome also plans to highlight any website using just HTTP as Not Secure if you are using Incognito mode. This is to help highlight the lack of security where a user has a greater expectation of privacy.

Future releases will start moving towards the red triangle warning.