The little closed padlock on the left hand side of your browser is your Google chrome indicator that you are browsing via HTTPS. This means that your web traffic is encrypted so third parties cannot spy on most of the information you are sending.
However, with scammers’ recurrent ingenuity in their craft, secure looking HTTPS websites can still store HTTP forms for you to fill in your personal information including your passwords.
Google Chrome 86 will use big bold warnings which will be more prominent every time you are on an unsecured website. If you decide to go ahead and submit the information anyway, you will get an “are you sure?” warning.
Chrome 86 will also disable autofill on the mixed forms. If you are on a website and your password managers and auto complete keyboards do not populate the forms, that will be a warning in itself.
Previously, Google only used the lock next to the URL, removing the lock when it detected a HTTP website or form. However, Google says that “users found this experience unclear and it did not effectively communicate the risks associated with submitting data in insecure forms.”
That is pretty accurate because only few of us ever really pay attention to the small lock next to the URL. In most cases, the only red flag people pay attention to is a whole page kind of direct warning that the page you are about to enter is unsecured.