For those WordPress site owners that don’t yet have SSL certificates for their websites, time is running out. Google has announced that beginning January 2017, any websites without SSL certificates collecting passwords or credit card information will be marked as non-secure in Google Chrome. Chrome indicates connection security with an icon in the address bar and Google’s long term plan is to mark all websites without SSL certificates as being not secure.
As per the Google Security Blog, “In following releases, we will continue to extend HTTP warnings, for example, by labeling HTTP pages as ‘not secure’ in Incognito mode, where users may have higher expectations of privacy. Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.”
More information is available on the Google Security Blog