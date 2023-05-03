Google Chrome HTTPS Lock Icon Is Going Away: Here's What Is Changing With Your Favorite Browser
According to Google, many people think that the lock icon means that a website can be trusted
Google announced today in a blog post that it will soon remove the lock icon and replace it with a variant of the tune icon.
While first introduced to show that a website was using HTTPS encryption to encrypt connections, the lock symbol is no longer needed given that more than 99% of all web pages are now loaded in Google Chrome over HTTPS.
These also include websites used as landing pages in phishing attacks or other malicious purposes, designed to take advantage of the lock icon to trick the targets into thinking they're safe from attacks
While it won’t necessarily make websites unsafe, this visual change is likely to confuse website visitors who rely on the lock icon to determine whether or not a site is secure.
“HTTPS was originally so rare that at one point, Internet Explorer popped up an alert to users to notify them that the connection was secured by HTTPS, reminiscent of the “Everything’s Okay” alarm from The Simpsons. When HTTPS was rare, the lock icon drew attention to the additional protections provided by HTTPS. Today, this is no longer true, and HTTPS is the norm, not the exception, and we’ve been evolving Chrome accordingly.”Chrome’s announcement explained:
Why HTTPS Lock Icon Is Going Away
Google has argued that the decision was driven by a desire to better communicate to users the meaning behind secure connections; representing realms which are encrypted and potentially more secure than unencrypted ones without implying a false sense of security or trust.
The company will continue to display other indicators such as green HTTPS scheme labeling and specific warnings about certificate misconfigurations when necessary, but for many people, a single sign of security will no longer exist.
In their blog, they have explained about it by saying, "By replacing the lock icon with a neutral indicator, Chrome can avoid misunderstandings about the association between the icon and the trustworthiness of a page. Our research has indicated that some users were unaware that clicking the lock icon would show important information and controls. The new icon aims to make permission controls and additional security information easier to access, while minimizing confusion."
Even though Google intends for this move to ultimately benefit their users by prompting them to pay closer attention to their web activity, it remains unclear what effects these changes might have on user behaviors going forward
New HTTPS Tune Icon
Google is updating the HTTPS icon in order to more accurately communicate the HTTPS status of a website as secure but without inadvertently implying safety. This new icon is will be called as a tune icon
“We think the tune icon: Does not imply “trustworthy” Is more obviously clickable Is commonly associated with settings or other controls”Chrome’s statement explained the reasons for choosing a tune icon:
Read the official announcement by Chrome where they have given detailed update on the lock icon