Encrypt every website with SSL/TLS
The browser community is not messing around when it comes to its push for universal encryption. Though the browsers originally started by incentivizing HTTPS, today they are actively penalizing websites that are still served via HTTP.
Early in 2017 Google began warning users when websites had insecure login fields. Then in October, the warning expanded to any insecure text field. In July, Google Chrome will mark all HTTP webpages as not secure. Later in 2018, Google plans to make the Not Secure warnings more forceful, as they push for all websites to switch to HTTPS.