Back in 2014 Google used their significant influence to encourage sites to adopt HTTPS by using security as a ranking signal. I was a little wary of this approach as it seemed like an overbearing use of power. Despite my skepticism security as a ranking signal was growing in importance even though it carried significantly less weight than good quality content. I avoided the change to HTTPS for years because I felt that in the absence of critical or private data a site like mine simply did not need this layer of security. Now, after years of stubborn protestation I have finally moved to enable HTTPS on this site.

Obviously this was long overdue for many reasons, first I did not have a secure way to login to my site, this meant I was unable to administer any significant changes or really post new content from unknown networks like hotels, or even a local Starbucks without putting my content at risk. Also I have noticed that some cable providers have a intrusive habit of injecting text into unsuspecting sites, end to end security of this type now feels necessary for even the most rudimentary of web browsing scenarios.

One other thing I noticed is that browsers (starting with Chrome) are marking unencrypted connections as insecure. So while user agents spent the better part of the last decade training people to look for a padlock to denote secure connections for banking and personal data, we may see our habits altered to avoid insecure connections in general. In this age of mass surveillance and data collection this is probably the equivalent of closing your blinds at night.

Related Posts