Google developers have announced that the padlock icon displayed in the address bar of the browser will soon be replaced by a new one. This decision was first announced in 2021, when the company stated that such secure connection indicators were no longer necessary, as more than 90% of connections already use HTTPS. The original padlock icon was meant to show that the site uses HTTPS to encrypt connections. However, now more than 99% of all sites are already loaded in Google Chrome via HTTPS, making the icon redundant.
The misconception that the padlock icon indicates a site’s security is not harmless, as almost all phishing sites use HTTPS and display the lock icon. This has led many organizations, including the FBI, to publish guidelines that the padlock icon is not indicative of a site’s security.
The icon will be removed from the browser with the release of Chrome 117 in September 2023, and will be replaced with a different icon. This icon is usually used to denote settings-related interface elements, emphasizing that they can be clicked. When clicked, users will see the usual lock, informing that the connection is secured using HTTPS, as well as the permissions granted to the site.
