Web security: Maintaining your security and privacy while browsing the web can be difficult, but tools like HTTPS make it a lot easier. HTTPS tech, where supported, encrypts your connection to a given website, ensuring that any data shared via that connection cannot be intercepted or altered by third parties. It’s already a widely supported protocol, but Google is hoping to boost adoption rates even further via an upcoming “HTTPS-First” feature for Chrome.
This security tool will arrive with Chrome’s upcoming M94 update in September. When it goes live, users that toggle HTTPS-First mode on in their browser’s settings menu will find that all future page loads are automatically upgraded from HTTP to HTTPS when possible.
If Chrome can’t accomplish that task for whatever reason, and the end-user is at risk of connecting to a site via an insecure connection, the browser will display a “full-page warning” before loading the address. This will give you a chance to opt-out of visiting the site if you feel it’s not worth the risk. If you’re willing to accept the danger, you can forge ahead anyway, of course.
Though it doesn’t sound like Google is planning on making HTTPS-First mode the default with its initial release in Chrome 94, it may do so down the line. “Based on ecosystem feedback, we’ll explore making HTTPS-First mode the default for all users in the future,” the company said in a blog post.
HTTPS-First mode isn’t the only work Google is doing to improve the HTTPS user experience. Moving forward, it will experiment with a new alternative to the standard HTTPS lock icon that you see on the left side of your browser’s address bar (when the protocol is active, anyway).
According to Google, its studies show that the average internet user — 88 percent of participants — could not identify what the lock means. Most people seemed to think it meant the site they were visiting was secure, but HTTPS only guarantees the security of your connection, not the web pages you visit. A website designed to phish your personal information, or otherwise scam you in some way, could still (and likely does) have that notorious lock icon.
To dispel some of these misconceptions, Google will try replacing the lock with a downward arrow. When clicked, the standard “Connection secure” dialogue box will pop up.
Frankly, I don’t think the proposed change will make much of a difference. For a less tech-savvy internet user, there’s probably no difference between seeing the lock icon and seeing green text informing them that their connection is encrypted. Still, it’s an admirable goal, and it would be nice if it makes a difference.