Overview
- Chrome 154 will enable the 'Always Use Secure Connections' setting by default and prompt users before first visiting non-HTTPS public sites.
- Users who have Enhanced Safe Browsing will get this default earlier with Chrome 147 in April 2026, according to Google.
- The opt-in control introduced in 2022 can be turned on today via Settings > Privacy and Security > Security.
- Google warns unsecured links can be hijacked to load attacker-controlled resources, exposing users to malware, targeted exploitation, or social engineering.
- Navigations to private addresses and company intranets are exempt from the public-site prompt, and the change is set to affect billions of Chrome users.