Much of the web has switched to secure links—that is, when you type in a site like pcworld.com, it serves its pages over an https (“hypertext transfer protocol secure”) connection rather than over non-secure http. But not every website operator has yet.
From a security standpoint, http leaves users open to exploits. Try to load an http connection and you open a window for bad actors to insert exploits, malware, or social engineering attacks.
The development team at Chrome knows this is a problem, so in one year, the browser will shift its approach. Starting in October 2026 with the release of Chrome 154, Chrome will disallow all http connections by default.
But wait, you might be saying. I’ve already seen Chrome flag sites as a privacy error for not being served over https. Yep, you’re correct. That warning has been around for a while, but it doesn’t block the connection. It also just shows up for sites that are only served as http. Chrome doesn’t yet flag or block connections that attempt to first reach the http site and then are automatically redirected to a version served over https.
As the Google blog post about this upcoming change points out, even this kind of redirection provides the opening an attacker would need. Worse, because the “Not secure” warning doesn’t pop up in Chrome currently, users don’t even know they’ve made themselves vulnerable at that moment.
Why now the move to https as a default? This change was long-planned, with the tipping point influenced by the adoption rates for https across the web. From its own statistics, Google estimates the number of sites delivering https connections between 95 to 99 percent, up from just 30 to 45 percent in 2015.
If you’re worried about being hit with constant warnings (akin to those ubiquitous cookie setting notifications), Google has been quick to assure that it will balance security against usability. This default will apply to public sites, which overwhelmingly use https by default. The sticking point will be more so private sites like a router’s IP address (e.g., 192.168.1.1), but Chrome will only pop a warning on new or not-often visited sites.
As for the reason for the long roll out, the timeline allows websites to fully switch to serving pages over https. Chrome will also phase users into this new default. Those already enrolled in Enhanced Safe Browsing will get moved to “Always Use Secure Connections” as their default starting in Chrome 147, slated for release in April 2026.
The good news is that, according to Google’s own testing, users will rarely see intrusive pop-up warnings. So there’s really no reason to wait for the changeover to happen eventually. You can make the switch manually yourself now.
Just navigate in Chrome to chrome://settings/security, then scroll down and flip the toggle for Always use secure connections. On the rare occasions you see http connections, you’ll first see a warning screen about a lack of https. If you continue on, the page will load and you’ll see the familiar privacy error warning, which still requires you to click a couple of times before you see the site.
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.