Google has announced a move it hopes will push websites to become more secure in the wake of headlines about a Russian crime ring collecting more than 1 billion internet passwords, not to mention ongoing revelations about the National Security Agency’s secret surveillance of some online activities.
The company said Wednesday it will start rewarding websites that use encryption by giving them slightly higher search rankings.
If you don’t know what an encrypted website looks like already, try the following: go to the top of your web browser where the url address is displayed, and look for a picture of a little padlock.
If you see a padlock (and/or the letters “https” in front of the “www”), that means the website you are on is secure and encrypted. If you don't see those signs, the site is probably not encrypted.
Most e-commerce sites already have the little padlock.
“But any of the sites that are just content sites -- that you don't have to log in to, that you just read -- most of those sites probably do not,” says Barry Schwartz, of Search Engine Land, a website about internet search.
In fact, Schwartz's own website does not currently have that little padlock. Neither does Marketplace, the New York Times (with the exception of pages devoted to subscriber account information), or for that matter, my woefully out-of-date personal wordpress site.
It’s not that hard for a web developer to convert an unencrypted site into an encrypted one, says Schwartz. But it can take time and money to make sure the process is done right, especially for sites with a lot of existing content.
Google's decision to boost search results for sites that take these steps adds a bit more incentive.
That’s a good thing, says Roger Kay of tech research firm Endpoint Technologies, because even if you are just browsing content, an unsecure link can leave your computer more vulnerable to hackers.
“They can take it over, they can turn it in to part of bot net, they can fish around in it for passwords and things that lead to money,” Kay says.
Even an https website that has that little padlock can never be 100 percent secure, he says. But encryption measures definitely help.