Google has been a fan of HTTPS for a long time, and has incrementally taken steps to nudge websites towards improving their security - this latest step is the loudest. By implementing proper security, websites are able to cut down on a variety of nefarious activities, which in turn helps Google point people to legitimate websites. This is one of the reasons Google uses HTTPS as a quality factor in how they return search results; the more secure the website, the less likely the visitor will be making a mistake by clicking on the link Google provided
Starting in July 2018 with the release of Chrome 68, all unsecured HTTP traffic will be flagged in the URL bar as “not secure”. This means that for all websites without a valid SSL certificate this notification will appear.
When HTTPS initially began rolling out, proper implementation was hard, slow, and expensive; it was hard to implement properly, slowed down Internet requests, and increased costs by requiring expensive certificate services. None of these impediments remain true, but a lingering fear still exists for a lot of website owners, which has impeded some taking the leap into better security. Let’s explore some of the myths about HTTPS.