Web browsers often dispay a lock icon in the address bar to indicate secure HTTPS connection. Google Chrome and Microsoft Edge displays this icon. Back in July, Google announced that the lock icon is misunderstood by users. The meaning of the lock icon is that you are connected to a secure HTPPS connection, but often users think that the lock icon implies a trustworthy website. To eliminate this confusion, Google said they will be dropping the lock icon and will find a better alternative icon, which is the down arrow.
As Google stated:
As we approach an HTTPS-first future, we’re also re-examining the lock icon that browsers typically show when a site loads over HTTPS. In particular, our research indicates that users often associate this icon with a site being trustworthy, when in fact it’s only the connection that’s secure. In a recent study, we found that only 11% of participants could correctly identify the meaning of the lock icon. To try and reduce this confusion, Chrome will run an experiment in M93 that replaces the lock in the address bar with a more neutral entry point to Page Info (example below). We hope that this experiment will improve the discoverability of critical privacy and security information and controls provided in Page Info, such as site permissions. Importantly, a “Not Secure” indicator will continue to show on sites without HTTPS support, and the experiment includes an enterprise policy in case organizations want to opt-out. In all cases, we’ll provide advance notice if we decide to move ahead with a full launch.
After the announcement, Google has not yet brought thr chabge to Google Chrome. On the other hand, Microsoft has started rolling out the new down arrow icon to selected users of Edge Canary. Spotted by Reddit user u/Leopeva64-2, Edge Canary now displays the down arrow icon instead of the lock icon for implying secure HTTPS connections.
