04 August 2023 Reading time: 3 minutes

There is no more padlock. But SSL is still necessary


The history of the padlock in browsers begins with early versions of Netscape in the 1990s. This small icon became a symbol to signify a secure connection via HTTPS. At the time, HTTPS was rare, and the padlock drew attention to the extra protection provided by the protocol.

Over the past decade, browsers, including Chrome, have actively participated in the initiative to increase the use of HTTPS in the Internet ecosystem. In 2013, only 14% of websites were using HTTPS. But thanks to support for using the secure protocol, it has become the norm - over 95% of sites now use secure channel transfers.

The first changes: loss of meaning

With the spread of HTTPS it became clear that the padlock icon was no longer serving its original function. In 2016, Chrome redesigned the icon after research showed that users misunderstood its meaning. However, even after the changes, only 11% of participants in a new 2021 study correctly explained the exact meaning of the icon.

"When HTTPS was rare, the blocking icon drew attention to the extra protection provided by HTTPS. Today, that's no longer the case and HTTPS is the norm, not the exception, and we're evolving Chrome accordingly", — Google stated.

With this in mind, Chrome has continued to develop new methods of displaying security in the browser. According to Google, they will be clear and clearly display the security of the site. Not so long ago Google announced that already in September this year there will be changes in the familiar symbol of the padlock.

New changes: life without the lock

Google plans to hide the lock icon in the address bar in the desktop version of the Google Chrome 117 browser. A settings icon will appear instead. The changes will take effect August 16-24 for the beta version and September 6 for the stable version.

The developers said that the information from the lock will not be completely removed: it will still be available by clicking the Settings icon. And in the "Secure Connection" section, users will still be able to see information about the SSL certificate. Websitesites without certificates will still be marked as insecure.

Therefore, we recommend that you use an SSL certificate for all your websites. You can choose the right one for you on our website in the SSL Certificates section. You can also learn more about the differences between the different types of certificates.

How to try?

You can already see what the new icon will look like in Chrome.

To do this, open a Chromium-based browser.Then type chrome://flags and press Enter. On the page that opens, type chrome-refresh-2023 in the search and set it to Enabled. If you don't feel like doing all this, just take a look at the screenshots:

New icon
A new icon in the Chrome browser. For now, this view is in the experimental features section, but in the future, the developers promise that this is how it will look in the main product as well.
A click on the icon will open the secure connection section with that very padlock.
Not secure
Websites without certificates will be labeled "Not secure"

What’s next?

Currently, most browsers (for example, Opera and Edge) are based on the Chromium kernel, so the change will eventually affect most users. This innovation may make users pay more attention to what sites they visit and check the security of their connection. What Google is saying is that a padlock alone is no guarantee of security. If people get in the habit of checking the details of a secure connection, there will be less opportunity for scammers to trick you with a fake site with a free certificate. You can learn more about how companies verify before issuing certificates and how to buy one on our SSL Certificates page.