Google did not say it exactly, but if you read between the lines (“long-term plan to mark all pages“) – This is what Google will do, I am 100% sure about that.
This is the message Google is sending to the “bad boys” today:
Nonsecure Collection of Passwords will trigger warnings in [hidden]
To: owner of [hidden]
Beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as “Not Secure” unless the pages are served over HTTPS.
The following URLs include input fields for passwords or credit card details that will trigger the new Chrome warning. Review these examples to see where these warnings will appear, and so you can take action to help protect users’ data. The list is not exhaustive.
The new warning is the first stage of a long-term plan to mark all pages served over the non-encrypted HTTP protocol as “Not Secure”.
Here’s how to fix this problem: