
Ask HN: Why did Google just push a chrome update removing the “Not Secure” flag? - chipperyman573
I just updated my chrome (Windows Stable) branch to version 57.0.2987.98. chrome:&#x2F;&#x2F; pages have their own flag now, HTTPS pages still have the &quot;Secure&quot; flag but HTTP pages just have the unlocked icon. Does anyone know why Google did this? It seems unlike them to rollback a change like this.
======
joshschreuder
Looks like it's only for HTTP pages with credit card or password inputs in 56:

[https://developers.google.com/web/updates/2016/10/avoid-
not-...](https://developers.google.com/web/updates/2016/10/avoid-not-secure-
warn)

Did they remove it for those cases too?

------
detaro
Is the "not secure" gone from all pages? I thought it was only supposed to
show on pages with password fields?

~~~
chipperyman573
I was under the impression it used to be on all pages. I just checked
[http://http-password.badssl.com/](http://http-password.badssl.com/) and it
still showed up there, maybe you're right.

------
skyisblue
The http site you were viewing may have just removed a login form from their
menu, which would have removed the not secure label from the browser.

