Update: With the launch of Chrome 68 in July 2018, Chrome now flags all HTTP pages as Not Secure, not just HTTP pages with not secure form fields. Find out more here.
The Chrome browser recently made a change to start reporting a security warning for any HTTP pages which contain a secure form field.
The forms fields which Google considers to be secure, are password fields;
<input type="password...
and credit card information fields.
<input name="ccname"...
<input name="cardnumber"...
<input name="cvc"...
<input name="cc-exp"...
Google Search Console is sending out warning emails when they find these types of form fields on individual pages as they are crawled.
DeepCrawl will now also detect these types of input fields on any page, and flag any pages with a new boolean metric called ‘secure_form_input_field’.
In addition, we have added a new boolean metric called ‘https’ which is set to true for any page with a URL that starts with https://, so you can use this for additional filtering in reports.
We have combined these 2 new metrics to create a new report called ‘Non Secure Form Fields’ which includes any pages which have these fields, and are using http protocol.
