In a bid to address the evolving landscape of online security, Google is updating its Chrome browser to replace the traditional HTTPS lock icon with a note symbol. This change follows Google’s ongoing efforts to enhance its menu icons, as seen in the Chrome Canary version.
The reason behind replacing the HTTPS lock icon is that Google views it as a historical remnant. In the past, when a website enabled HTTPS connections, browsers would specifically notify users of the encrypted communication. However, nowadays, nearly all websites use HTTPS encryption, including phishing sites.
Tests have shown that most users are unaware that clicking the lock icon in the address bar provides more information and controls. Even the FBI has issued a warning that the presence of a lock icon does not necessarily guarantee a website’s safety, as phishing and scam websites also employ encrypted connections.
This change mirrors Google’s previous addition of a “secure” text label to the HTTPS lock, which aimed to promote HTTPS usage and favor encrypted websites by displaying the word “secure” in the address bar.
However, this approach inadvertently made it easier for users to trust phishing sites. Consequently, the “secure” text label was removed, leaving only the gray lock icon. Google now believes that even the gray lock icon is outdated and should be removed altogether.
The new note symbol implies access to more information, allowing users to view connection details, cookies, and permission settings when clicked. It will also prevent novice users from assuming a website is secure just because of the icon. These new icons are expected to arrive with Chrome 117, scheduled for release in September 2023.
Users of Chrome Canary can enable the new icons in advance, and further details can be found in the article: “Rare! Google Chrome Undergoing Redesign with Refresh2023 Aiming for a New Look.“