Additionally this flag is available for Chrome 57.x: chrome://flags/#enable-http-form-warning Now an in-form warning is displayed directly below the fields while entering data.
Yes, I've noticed this new flag also. Though don't have a site to test it I've enabled them both, so http is more visible.
Test here: http://www.androidpolice.com/2017/04/27/chrome-62-will-mark-http-pages-data-entry-fields-not-secure/
Try this: http://voidtools.com/forum/ucp.php?mode=login Type something in into these fields and the in-form warning should appear
Firefox 53 does the same... https://support.mozilla.org/en-US/kb/insecure-password-warning-firefox?as=u&utm_source=inproduct
As the Web moves toward HTTPS by default, Chrome will remove “secure” indicator https://arstechnica.com/gadgets/201...-default-chrome-will-remove-secure-indicator/
Google Chrome update to label HTTP-only sites insecure within WEEKS https://www.theregister.co.uk/2018/07/03/google_chrome_http/
I gotta say that Let's Encrypt was quite easy to setup securely. It took me a few tries to get it right for https://vpntesting.info/, testing with https://www.ssllabs.com/ssltest/. But I did: https://www.ssllabs.com/ssltest/analyze.html?d=vpntesting.info&hideResults=on
I always prefer private "self created" certificates where the OWNER publishes the sha256/512 fingerprint on their website stating that any other fingerprint means you have been MITM'd or worse. Then I set software which automatically confirms the cert before I even log in. Used to be like that here, but its changed now.
Despite Chrome’s pending “mark of shame,” 3 major news sites aren’t HTTPS Newsweek, Time, and Fox remain vulnerable to injection, man-in-middle attacks. July 6, 2018 https://arstechnica.com/information...mark-of-shame-3-major-news-sites-arent-https/
