This article was been published more than a year ago. The information may be outdated.
Sometime in late 2016, I enabled HTTPS on the site, to make sure that this option was available to those who wanted to use it. I didn’t really think much of it, but was planning on moving to enforce usage at some point. Then came this post from Troy Hunt, where I learned that a change is coming. Where sites served over HTTP were previously simply not labeled as secure, they will be labeled as not secure when entering data with Chrome v. 62 (which is to be released in October of 2017), and likely always labeled as not secure in some later version. (Incognito mode treats this slightly different, as shown in the below graphic).
That was the kick to the rear I needed, and I started looking into enforcing HTTPS for everyone. As it turns out, there’s a plugin for that for us who use WordPress (actually, there are a lot of them), and I picked one called Really Simple SSL. Once installed, I activated it and hey presto! The site now enforces HTTPS. Actually, when I say “now”, I mean “since the beginning of August”. I’m going to guess that most, if not all of you, didn’t notice a single thing, and that’s just the way it should be. This isn’t a huge change, and it doesn’t really make any difference in using it, whether it is your use of it, or mine. It just works.