In an attempt to reduce phishing and social engineering attacks, Google will experiment with the possibility of showing just the domain name in the address bar on Google Chrome, starting with Chrome 86. For example, you will just see ‘beebom.com’ instead of ‘https://beebom.com/example-url’ in the address bar.
According to a new Chromium blog post, the goal of this experiment is to test if showing domain-only URLs would help reduce phishing attempts in real-world scenarios. The post quotes a study where more than 60 percent of users got fooled with look-alike websites having obfuscated URLs.
Since this is a test, not everyone will be part of this. Google will randomly enable this feature to some users. Also, you will have to wait 2 months since Google is likely to release stable Chrome 86 on October 6. However, if you’re feeling adventurous, you can install Chrome 86 from Canary or Dev channels to try out this feature right now. Do note that you will have to enable the following flags from chrome://flags and restart the browser.
- #omnibox-ui-reveal-steady-state-url-path-query-and-ref-on-hover
- #omnibox-ui-sometimes-elide-to-registrable-domain
- #omnibox-ui-hide-steady-state-url-path-query-and-ref-on-interaction (optional)
- #omnibox-context-menu-show-full-urls (optional)
In case you’re a power user who wants to see full URLs all the time, you can right-click on the URL and choose ‘Always show full URLs’. Do note that you should enable the fourth flag given above to see this option.
Personally speaking, I prefer seeing full URLs in the address bar as it helps me identify campaign URLs. We will have to wait to see if short URLs would get standardized in the upcoming builds of Chrome.