HTTPS adoption has surged over the past few years, mostly thanks to the availability of free SSL/TLS certificates from Let's Encrypt. Browser vendors have also been encouraging sites to switch to HTTPS, and Google said earlier this year that Chrome would eventually mark all HTTP-only sites as 'Not Secure.'

Chrome 68 is due to be released tomorrow (at least on desktop platforms), and it's the first release that will display a 'Not secure' message in the address bar on HTTP pages. Chrome already displays the message on HTTP sites with data entry fields, but starting tomorrow, all non-secure pages will be shamed.

The change is important because it will add further pressure for sites to support HTTPS (if they haven't already). HTTPS ensures the connection between you and the site you're visiting is secure, meaning the content cannot be tampered with by your ISP or government. Beyond that, most newer browser features (like Service Workers, which allow sites to send notifications) are blocked on insecure connections.

The message will also bring attention to sites that have not configured HTTPS correctly. For example, CloudFlare says that around 157,000 major sites don't automatically redirect HTTP pages to the HTTPS version.

Google published a blog post today about the above changes, and shared some interesting statistics. The company says that 76% of Chrome traffic on Android is encrypted, up from 42% two years ago. In addition, 85% of Chrome OS traffic is secure, and 83 of the top 100 sites on the web use HTTPS by default.