Google is experimenting with only showing domain names in Chrome’s address bar instead of full URLs. This feature will be tested in the upcoming Chrome 86 release, with Google hoping this change can protect users against scams and phishing attacks by using misleading URLs. .
Domain names and URLs are one of the most basic forms of web security we have, allowing us to quickly know where we are online. However, sometimes, they can be used for deception. Hackers and scammers often create legitimate-looking fake websites by using misspelled URLs (twittter.com) unfamiliar subdomains (yourbank.sign-in.info) or accented domains hyphen (secure-gmail.com). Unsuspecting users then visit these URLs and think they belong to legitimate companies before being tricked into providing their credentials.
Some browsers like Safari only show the URL’s domain name in the address bar, partly because it looks cleaner, but also because it makes some of these scams more obvious. If you are used to seeing facebook.com in the address bar and your browser suddenly shows facebook.com.money.biz.scam.inc instead, you will (hopefully) be suspicious.
Google says the new domain-only feature will be visible to a random small group of users in Chrome 86. The company wants to see if the change “helps users realize they are on a malicious website. Harm and protect them from scams and social engineering attacks. If it does, we can expect it to become a permanent feature in the future.
If you haven’t signed up for the experiment yet but want to see what it looks like, you can download Chrome 86 via canary or dev channels, open chrome: // flags, enable the following flags, # omnibox-ui-Lo-okay specify -state-url-path-query-and-ref-on-hover and # omnibox-ui-times-elide-to-registerrable-domain, and restart Chrome to check. Chrome 86 is not expected to be a stable release until October.