Google is taking another big step toward a safer web. Starting in October 2026, the company will make HTTPS the default connection for all public websites in its Chrome browser. This change will arrive with Chrome version 154, ensuring users automatically connect to secure versions of websites whenever possible.
The move is part of Google’s ongoing effort to protect users from online attacks and data interception. HTTPS encrypts data between a user’s browser and the website, preventing attackers from hijacking connections or injecting harmful content. When Chrome encounters a website that does not support HTTPS, it will now warn users and ask for their permission before loading it.
Google first introduced the “Always Use Secure Connections” feature in 2022 as an optional setting. It was later turned on by default for a small number of users in Chrome 141 for testing. The company says the results have been promising, with Chrome showing security warnings for less than 3% of web visits during testing.
According to Google, more than 95% of websites already use encrypted HTTPS connections. Most of the remaining HTTP traffic comes from sites that immediately redirect users to a secure version. The company expects that number to drop even further before the 2026 rollout.
To prepare for the full switch, Google plans to first enable the feature in April 2026 with Chrome 147 for users who have opted in to Enhanced Safe Browsing. This will act as an early rollout before it becomes standard for everyone.
Google says it has already reached out to organizations that still serve insecure HTTP pages and expects them to transition to HTTPS within the next year. The company also introduced a new local network access permission feature to help websites fix “mixed content” issues.
Once the change is live, Chrome users will be safer by default, with attackers finding it much harder to intercept traffic or distribute malware through unsecured websites. Users who still want to access HTTP sites without warnings will be able to manually turn off the “Always Use Secure Connections” setting in Chrome’s preferences.
