Google Chrome tests Balanced HTTPS-First Mode for fewer Warnings

Chrome's new Balanced mode for HTTPS warnings

Reading time icon 3 min. read

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Google has enabled HTTPS-First Mode by default in Chrome for some time now. The company, which takes security seriously in Chrome and always tries to use secure connections, is testing a new “Balanced HTTPS-First Mode” to reduce the number of warnings and make browsing less annoying.

Google is also working on other HTTPS-First Mode features, including:

  • Incognito Mode: Enabling HTTPS-First Mode by default in incognito.
  • Typically Secure Users: Automatically enabling HTTPS-First Mode for users with a history of secure browsing.
  • Engaged Sites: Enabling HTTPS-First Mode for sites with high user engagement. This is why Chrome sometimes shows an interstitial message about HTTPS-First Mode for these sites.

By default, browsing the web doesn’t automatically use HTTPS encryption. This means that the information you send and receive might be vulnerable to interception.

HFM (HTTPS-First Mode) tries to upgrade all connections to HTTPS whenever possible. This ensures your data is encrypted and more secure. However, some websites might not have a working HTTPS version, leading to connection errors and frustration.

Note: You can confirm whether HTTPS-First Mode (HFM) is enabled by visiting Settings > Privacy and Security > Advanced. There, you’ll notice that the ‘Always use secure connections’ toggle is enabled by default.

Chrome’s HTTPS-First Balanced Mode

A new flag, corresponding commit, and bug spotted by Windows Report indicates Google is working on “Balanced HTTPS-First Mode.” When enabled, it “uses HTTPS-First Mode only when secure connections are likely possible.” The flag is also available on Android and Windows, Mac, Linux, and Chrome OS platforms.

Balanced HTTPS First Mode in Chrome flag
HTTPS-First Balanced Mode flag. Image credit: Windows Report

This new mode aims to strike a balance between security and user experience. Instead of forcing HTTPS everywhere, it will only warn you when a secure connection seems likely but isn’t used. This reduces the number of frustrating connection errors while still promoting secure connections.

“Add feature and flag for balanced Ask-Before-HTTP (nee HFM). Balanced mode will warn when we can reasonably expect a connection to support HTTPS, but not when we can’t. This is obviously less secure than full HFM, but will limit warning fatigue and evolve over time as HTTPS is possible in more scenarios,” Google notes.

Benefits of Balanced HTTPS-First Mode:
Enhanced Security: You’ll still get warnings for potentially insecure connections, protecting your data from snooping.
Reduced Warning Fatigue: No more annoying errors for websites that genuinely don’t support HTTPS.
Future-Proof: As more websites switch to HTTPS, the warnings will become even rarer.

Additionally, Chrome will offer performance suggestions when tabs consume more resources and Google is making Chrome on Windows to use ARM processors for video processing that improves battery life.

More about the topics: Chrome