Google is making security a ranking signal and has begun by encouraging webmasters to switch over to using HTTPS, or Hypertext Transfer Protocol Secure.
A website that uses HTTPS is often identified by its URL, such as https://mail.google.com. This means the website uses the security protocol Secure Sockets Layers (SSL), which uses security certificates so that all information sent to and from the website to the user's computer is encrypted. A website with SSL is considered more secure as it prevents unauthorized parties from intercepting information about a user's activities and using it for malicious purposes.
Webmaster Trends analysts Zineb Ait Bahaji and Gary Illyes wrote a blog post on Wednesday saying they have been conducting tests that take into account whether websites use encrypted connections, and they say the results have so far been positive, which prompted Google to consider the use of HTTPS as a factor to be considered when determining a website's search ranking.
"For now it's only a very lightweight signal - affecting less than 1% of global queries, and carrying less weight than other signals such as high-quality content," says Bahaji and Illyes in their blog post. "But over time, we may decide to strengthen it, because we'd like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web."
SSL certificates can be purchased in single, multi-domain and wildcard packages. Google encourages webmasters and developers to use a 2048-bit key certificate for their websites and has published a separate article that instructs website owners on how to move their websites by changing the URL. The search company also recommends that webmasters do not use robots.txt to prevent Google's bots from crawling their HTTPS website. Webmasters who already have HTTPS on their websites can also test their websites using the Qualys Lab tool.
The announcement has gained a significant following since its publication, with more 1,300 comments from people who mostly support the new focus on security or have felt that Google has been cooking up the change for a while. Google has, in fact, started using an HTTPS connection for its Search, Gmail and Drive websites, which prevents hackers from snooping in on searches, emails and documents sent across the web.
A few commenters, however, have raised issues that the measure provides only a false sense of security, since most hackers penetrate data stored in databases and not information currently in transit. Others are concerned about the potential costs of owning an HTTPS website.