Security Awareness – Chrome Removes Lock Icon Symbolizing the Use of HTTPS

The Chromium Project has posted a blog announcing the removal of the lock symbol used to represent whether a page is utilizing HTTPS in Chrome. The project’s reasoning behind this change is that HTTPS has become such a ubiquitous protocol that the purpose of the lock to signify whether a page is secure has become redundant. In many cases, the use of the lock has even been actively harmful as most users believe the presence of the lock also indicates that a website is trustworthy, despite the fact that phishing websites and other online infrastructure utilized by threat actors also utilizes HTTPS. Chrome 117 will replace the lock icon with a more neutral “tune” icon, which is often used to symbolize controls and settings. Members are encouraged to share this development with users who might be confused since conventional guidance has been to “look for the lock,” even though it’s largely irrelevant in determining a legitimate site from a malicious one. Read more at Chromium.