Chrome will remove the lock icon for HTTPS pages.

To avoid giving users a false sense of security.

As part of the upcoming redesign, the Chrome browser will remove a popular visual element that users often misinterpret: the lock icon in the address bar of HTTPS pages.

Browsers have displayed such an icon since the days of Netscape in the 90s. Back then, the HTTPS protocol was rare, and it was important to highlight the advantages it provided for user security. However, now about 95% of the pages opened in Chrome on Windows use HTTPS. Given this, it's time to change how the browser and users assess security.

Moreover, the lock icon can increase trust in a site that doesn't deserve it. Despite Google's efforts to explain that the icon only indicates compliance with minimal data protection requirements, users typically do not delve into this. A 2021 survey showed that only 11% understand what this icon represents, and organizations like the FBI even had to issue warnings that the lock icon does not guarantee website security.

In the Chrome 117 update, which will be released in early September, the lock icon for HTTPS pages will be replaced with an icon resembling two switches. This does not imply trust in the site and is more often associated with settings, making it clearer for users that it can be clicked. Sites using the HTTP protocol will still be marked as unsafe.