Google Chrome to launch an HTTPS-First Mode

HTTPS, the protocol that SSL enables on websites, is key to ensuring a more private web ecosystem where data is protected. When HTTPS is enabled, it ensures that the connection between a user’s browser and a website’s server is encrypted, preventing any third party from stealing any information shared over the connection. HTTPS is the reason why does what it does and also why there has been a massive campaign from major web browsers to ensure websites are secured by SSL.

Thankfully, HTTPS has become more widely adopted across the web in recent years, but Google Chrome has plans to push it even further with some upcoming changes to how the browser works. 

HTTPS-First Mode

Chrome 94, set for release in September 2021, will introduce what they call HTTPS-First Mode. If users choose to turn it on, Chrome will attempt to upgrade all website connections to HTTPS, regardless of whether they have an SSL certificate. For pages that won’t support HTTPS, Chrome will display a warning declaring the site “not secure” to website users who want to proceed. This new feature will basically serve as a test run for making HTTPS-First Mode the default in future Chrome releases.

For those who choose not to switch on HTTPS-First Mode, HTTP websites will still be supported, but users will continue to be greeted with the “site not secure” message that has become commonplace in recent times. 

No more padlock?

Chrome will also experiment with the padlock icon featured in the address bar of SSL-secured sites. In Chrome M93, Chrome is testing out replacing the lock with an arrow symbol. This move is due to user confusion. Many don’t know the actual meaning behind the lock icon. In a recent study, Chrome found that only 11% of respondents knew that the padlock indicates a secure connection, while the majority presumed that it indicated the entire site was trustworthy.

When clicked, the arrow symbol will reveal the same information to the user as when they click the padlock, but hopefully, the more neutral entry point will result in less confusion over what HTTPS actually does and what it doesn’t do.

Wrap up

These changes make for an exciting new development in the world of SSL and HTTPS. With Firefox having recently launched its own HTTPS-Only Mode, it looks as if this type of security-enhancing feature might be the future of web browsing.

Share on Twitter, Facebook, Google+