Google's Chrome browser is now shipping all unencrypted websites as "unsafe" from today's Chrome 68 release. The change applies equally to all HTTP sites that now display a "not sure" image in the address bar. HTTPS-enabled sites are not affected by the change.
Chrome was first announced in February and is the latest step in Google's multi-pronged approach to encryption on the Internet. Login pages have seen similar "non-secure" alerts since 2016, with gradually increasing alerts for expired certificates. Google has also boosted substantial HTTPS-enabled sites in search rankings since 201
In a blog post announcing the change, Google described it as a "milestone for Chrome security."  A New Warning Model Model Distributed by Google in February
Along with the product-based bumps, Google has funded significant research into the HTTPS underlying encryption standards and donated server time to a SHA-1 collision in February 2017 demonstrate.
HTTPS is a form of Internet encryption that ensures the connection between the user and the websites they visit. Web sites and ad networks that are delivered without encryption are vulnerable to malware injection, a common tactic for low-level cybercriminals.
HTTPS certificates and protocols are widely used – often for free – either through content distribution networks such as CloudFlare or public service projects such as Let's Encrypt. This availability has led to increased acceptance in recent years. Google's own HTTPS statistics show that 84 percent of the pages loaded by US Chrome users are currently encrypted, compared to 47 percent in July 2015.