Set to be introduced in Chrome 86, the feature targets the so-called mixed forms (they are found on HTTPS pages that submit over HTTP), which are considered a risk to users’ security and privacy.

Because the data transmission is not performed over a secure connection, the information introduced by the user in those forms is visible to eavesdroppers, meaning that malicious actors can read or change the form data.

Chrome versions prior to 86 mark mixed forms by removing the lock icon from the address bar.