Internet4.05.2023

Chrome’s lock symbol is being redesigned because it confuses people

Chrome will redesign the lock icon which appears on the left of the search bar because almost nobody knows what it is meant to convey.

Google announced the decision this week, with the company saying the misunderstanding over the icon was not harmless as nearly all phishing sites also display the lock icon.

In the early days of the Internet, Hypertext Transfer Protocol Secure (HTTPS) — now the primary protocol used to securely send data between a website and a browser — was uncommon. 

It was so uncommon that Microsoft’s old web browser, Internet Explorer, would pop up with a notification to inform users that the connection was secured by HTTPS.

To let users know that the network connection is a secure channel between the browser and the website, the lock icon was introduced.

This provided assurance to users that the network connection couldn’t be tampered with and that no third pirates would have access to that information.

Nowadays, HTTPS is the norm, with Google reporting that 95% of page loads in Chrome on Windows use HTTPS. This change in circumstance provides a prompt to re-evaluate how security issues are indicated.

The search giant and Chrome developer said this re-evaluation was necessary anyway as the vast majority of users don’t know what the lock icon is supposed to indicate.

It also said an internal study in 2021 found that only 11% of users “correctly understood the precise meaning of the lock icon”.

Many phishing sites also use HTTPS, meaning the lock icon also appears when visiting malicious websites.

The lock icon does not simply indicate the trustworthiness or safety of a site and that is largely how the public currently understands the symbol. Organizations, including the US Federal Bureau of Investigation, publish explicit guidance that the lock icon is not an indicator of website safety.

To avoid this confusion, the lock icon on Chrome will be replaced with a variant of the tune icon.

“Replacing the lock icon with a neutral indicator prevents the misunderstanding that the lock icon is associated with the trustworthiness of a page, and emphasizes that security should be the default state in Chrome,” said the blog post.

The change will come into effect with Chrome 117 which will be released in early September 2023.


Read now: Serious Google Chrome security issue — update now

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter