Despite months of reminders and warnings, more than one-third of websites will become inaccessible come 2017. There is barely a month left before major browsers using certificates signed with the SHA-1 hash, but 60 million-plus websites still rely on the insecure encryption algorithm, according to the latest estimates from security company Venafi.

Starting Jan. 1, Mozilla’s Firefox browser will show an “Untrusted Connection” error for sites using a SHA-1 certificate, and Google’s Chrome browser will drop all support for SHA-1 and completely block sites using SHA-1 certificates. Microsoft has said its Edge and Internet Explorer browsers will start blocking the sites outright on Feb. 1, 2017.

These error messages are different from the browser warnings users typically see for incorrectly configured site certificates, which users can ignore and still access the site. In the case of Google, Chrome will display a network error with no way for the user to bypass and still get to the site. Mozilla will allow Firefox users to override the error message if the issuing certificate authority is included in Mozilla’s CA Certificate Program.

Users will no longer be able to access these websites after the deadline, significantly disrupting business operations, warned Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. While there has been significant progress with the migration — Mozilla said last month that the use of SHA-1 on the web since May 2016 has dropped from 3.5 percent to 0.8 percent — enough websites are still relying on the weak certificates. These organizations are at risk for security breaches, compliance problems, and outages affecting security, availability, and reliability.

of identifying all the certificates that need to be changed, deploying and testing the new certificates, revoking old certificates, and setting up controls to manage the new certificates.

For many organizations, the process of migrating away from SHA-1 to SHA256 or other safer cryptographic functions is like an unpleasant visit to the dentist, Bocek said.