Google is preparing a major security update for Chrome that will change how users access websites starting in 2026. The company announced that from October 2026, with the release of Chrome version 154, the browser will automatically enable the “Always use secure connections” setting.
This means that Chrome will require explicit user permission before allowing access to any website that doesn’t use HTTPS, the secure communication protocol that protects data from interception or tampering.
Stronger Protection for Users
The move is part of Google’s ongoing efforts to make web browsing safer by reducing exposure to insecure HTTP connections, which are commonly exploited by attackers to inject or modify data.
To avoid overwhelming users with repeated alerts, Chrome’s new system will display a single warning the first time a user attempts to visit a non-HTTPS site. The focus will primarily be on new or infrequently visited pages, minimising interruptions during everyday browsing.
Gradual Rollout and Testing
Google plans to begin testing the feature in April 2026, coinciding with the release of Chrome 147. Initially, it will be available only to users who have Enhanced Safe Browsing enabled—a feature already protecting over one billion users.
By October 2026, when Chrome 154 is launched, the feature will be expanded to all Chrome users worldwide, making HTTPS connections the default browsing standard across the platform.
It’s worth noting that this rule will apply only to public websites. Internal networks, such as corporate intranets, private servers, or local addresses, will be exempt since they pose minimal risk within Chrome’s security framework.
In a statement, Google acknowledged that “there is still much work to be done,” but emphasised that this update marks a significant step forward in its long-term mission to strengthen online security and protect user data.
