Email
Password
Remember meForgot password?
    Log in with Twitter

article imageGoogle kills Chrome's most confusing icon

By James Walker     Oct 14, 2015 in Technology
Google has simplified a Chrome feature which has often confused users and created more questions than it was supposed to answer. The Page Security address bar icon now indicates more clearly whether a website is secure, protected and safe to visit.
As Ars Technica reports, the change will be rolling out to all users via the Chrome 46 update released today. It is intended to make page security clearer to users while encouraging site administrators to continue the move to using secure HTTPS technology.
In Chrome 46, a page using HTTPS has a green padlock icon in the address bar. A blank white page is shown for sites using standard HTTP while ones with HTTPS that isn’t functioning correctly have a red X and a struck-through address, indicating they may have been compromised.
Older browser versions also supported another state, symbolised by a grey padlock with yellow exclamation mark. This was displayed on sites which use HTTPS but are experiencing "minor" issues with the technology, a less severe risk than "Broken HTTPS" but unable to reach the usual "green padlock" state due to the errors.
The simplified Page Security icon in Chrome 46
The simplified Page Security icon in Chrome 46
Google
Google has found that this icon frequently confused users when compared with the white page used for insecure HTTP. It said in a blog post it has decided "it is better not to emphasize the difference between these two states to most users."
It said it has made the change to use only three security states because it gives a better visual indication of the page security relative to HTTP while making the different states more accessible to users. From today, sites that formerly had the "HTTPS with minor errors" state will now display the same white page icon as insecure HTTP-based ones.
Google isn't finished yet though. It acknowledges that most people aren't likely to appreciate the difference between HTTP and HTTPS and would rather see at-a-glance whether a webpage is secure or not. It plans to reduce the icon down to just two states, secure or insecure, in a future update, presumably by eliminating the green padlock and displaying red warnings on insecure sites.
The HTTPS with minor errors icon was primarily displayed on websites using "mixed content." As administrators are likely to update their servers to use HTTPS in a progressive manner, some content hosted on a different server may be loaded over an insecure connection even if the main page can be delivered with HTTPS. For example, the text of an article may be stored on a server supporting HTTPS but the images may still be loaded with HTTP. This difference would prompt Chrome to use the "minor errors" icon.
Google says this has actually had an adverse impact on the adoption of HTTPS, noting that some webmasters may be put off migrating to the secure technology if visitors are being told their site may be insecure as different content types are brought across.
The company says: "During this process, the site may not be fully secured, but it will usually not be less secure than before. Removing the yellow "caution triangle" badge means that most users will not perceive a warning on mixed content pages during such a migration. We hope that this will encourage site operators to switch to HTTPS sooner rather than later."
Chrome 46 is now publicly available and will be automatically installed over older versions in the next few days. Google hasn't said how long it will take to complete the transition to only having two security states, instead writing that the abolition of the mixed content warning is a "small step" in that direction.
More about Google, Chrome, Google chrome, Browser, Icon
 
Latest News
Top News