Google Search Console Notifications: Nonsecure Collection Of Passwords In Chrome

Dec 27, 2016 • 8:43 am | comments (11) by twitter Google+ | Filed Under Google Search Engine Optimization
 

Google is now sending mass messages via the Google Search Console about making sure your login box is served over HTTPS. Many sites have logins on HTTP, non secure pages, and with Chrome 56. The warning says "Nonsecure Collection of Passwords will trigger warnings in Chrome 56 for domain.com."

The warning goes on to read:

Beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as “Not Secure” unless the pages are served over HTTPS.

The following URLs include input fields for passwords or credit card details that will trigger the new Chrome warning. Review these examples to see where these warnings will appear, and so you can take action to help protect users’ data. The list is not exhaustive.

Here is a screen shot:

The solutions are:

(A) Switch your site to HTTPS completely

or

(B) Link to an HTTPS secure page that lets your users login there, as opposed to logging in on a page that is HTTP, not secure.

Forum discussion at Twitter.

Previous story: How To Join The Last Google Webmaster Hangout Of The Year
 
blog comments powered by Disqus