Casual users rarely notice them, but HTTP (or, http://) and HTTPS (https://) are both options for the start of a URL, showcasing an important difference in all those web pages you visit on a daily basis.
HTTP remains focused on presenting the information but cares less about the way this information travels from one place to another. Unfortunately, this means that HTTP can be intercepted and potentially altered, making both the information and the information receiver (that's you) vulnerable.
HTTPS protocol is simply an extension of HTTP. That "S" in the abbreviation comes from the word Secure and it is powered by Transport Layer Security (TLS), the standard security technology that establishes an encrypted connection between a web server and a browser.
Without HTTPS, any data you enter into the site (such as your username/password, credit card or bank details, any other form submission data, etc.) will be sent plaintext and therefore susceptible to interception or eavesdropping. For this reason, you should always check that a site is using HTTPS before you enter any information.
But secure-looking HTTPS websites can still house insecure HTTP forms for you to fill in your passwords and other personal data — and Google is planning to do something about that in Chrome 86, coming this October (9to5google.com)
According to Google's official blog post. Google Chrome will give you some warning which will alert you that the website form is not secure. The Primary warning looks something like this:
And still if you try to submit your information anyway, you'll get a second warning "are you sure?" somewhat like shown in below image:
Google also plans to disable autofill on these so-called "mixed forms," so that your password managers and auto-complete keyboards don't automatically drop in the text should be a third form of warning.
Google previously tried to alert users to this issue by removing the lock icon when it detected an HTTP form, but the company says "users found this experience unclear and it did not effectively communicate the risks associated with submitting data in insecure forms."