Overview
- Starting with Chrome 154 in October 2026, Chrome will enable Always Use Secure Connections by default and ask permission before first access to any public site without HTTPS.
- In April 2026, Chrome 147 will turn the feature on for more than 1 billion users enrolled in Enhanced Safe Browsing.
- The default applies to public websites, while private and local addresses such as intranets and router pages are exempt unless users choose to include them.
- Chrome will limit prompts to new or infrequently visited insecure pages, and Google’s testing shows the median user sees fewer than one warning per week.
- Google cites HTTPS adoption of roughly 95–99% of Chrome navigations, users can disable the setting, and site operators have about a year to migrate remaining public HTTP endpoints.