Currently, if a website is on HTTPS, we can see a padlock. If a website is not secure (HTTP), the domain just doesn’t show the padlock. Other browsers have a more aggressive behavior (which should be due to security concern) throwing a warning or even asking a user to take an extra step if they want to check the unsecured website.

I checked a website, I couldn’t tell that it’s on HTTPS. I had to click on the address bar, and then checked the address to see it wasn’t using HTTPS.

I know HTTPS website will have a padlock, but HTTP website should be more obvious and throw a warning!

I believe this is very important even though you won’t most of the time notice it!