In an effort to boost online security, Google Chrome will be implementing stricter warnings for insecure websites. Beginning in October, Chrome users will receive alerts when accessing public websites that lack an encrypted HTTPS connection.

Currently, Chrome displays a “Your connection is not private” message for pages with misconfigured HTTPS connections. However, this warning will now extend to sites without HTTPS altogether.

Google initially introduced insecure connection warnings for HTTP pages back in 2021, with users having to opt in to view them. HTTPS, which stands for Hypertext Transfer Protocol Secure, utilizes encryption to establish secure connections, safeguarding sensitive data from potential eavesdroppers.

According to Google, HTTPS connections now constitute approximately 95 to 99 percent of all connections. This widespread adoption enables the implementation of more robust security measures against the remaining insecure HTTP connections.

Google emphasizes that private websites are the primary source of insecure HTTP traffic, citing challenges in obtaining HTTPS certifications. While HTTP navigations to private sites pose some risks, they are generally less hazardous than public site interactions due to fewer attack vectors.

Before transitioning to HTTPS as the default protocol for all users, Google intends to roll out these changes to individuals who have activated Enhanced Safe Browsing protections in Chrome starting in April 2026. Users will retain the option to disable HTTP warnings by deactivating the “Always Use Secure Connections” setting.