Google Chrome has decided to replace the traditional security padlock with a new settings icon. This decision stems from a constant evolution of security standards and a mass adoption of the HTTPS protocol.
1. The story of the padlock:
- Since the first versions of Netscape in the 1990s, browsers have always displayed a padlock to indicate that a site is loading over HTTPS.
- In 2013, only 14% of Alexa Top 1M sites supported HTTPS. However, today, over 95% of pages loaded in Chrome on Windows use HTTPS.
2. Why replace the padlock?
- Evolving standards: Over time, HTTPS has become the standard, making the padlock less relevant as a security indicator.
- Misinterpretation: Despite efforts to clarify its meaning, only 11% of participants in a 2021 study understood precisely what the padlock meant. Additionally, almost all phishing sites use HTTPS and display the padlock, thereby misleading users.
3. Why the setting icon?
- Does not suggest “trust”: Unlike the padlock, this icon does not give the impression that the site is necessarily trustworthy.
- More intuitive: The icon seems more clickable and people generally associate it with settings or controls.
- Access to Information: Many users were unaware that clicking the padlock displays important information and controls. The new icon aims to make these elements more accessible.
4. When will this change take place?
- Chrome plans to launch the icon with version 117 in September 2023, as part of a general design update for desktop platforms.
- On Android, the change will occur at the same time as on the desktop. As for iOS, the padlock will disappear completely.
Bottom Line: Considering the growing adoption of HTTPS, Chrome and the security community at large see replacing the padlock as a logical step. This initiative aims to strengthen online security and avoid common misunderstandings related to the padlock. Read this article to learn more. You can check out our blog for similar content.