Google

Google running a test showing domain names only in Chrome

Google is running an experiment in Chrome version 86. Google is testing domain-only URLs in Chrome to help foil rampant phishing, social engineering, and scams.

Chrome’s address bar is showing domain names only instead of full URLs.

“On today’s web, URLs remain the primary way users determine the identity and authenticity of a site, yet we know URLs suffer from usability challenges. For example: there are myriad ways that attackers can manipulate URLs to confuse users about a website’s identity, which leads to rampant phishing, social engineering, and scams. In one study, more than 60% of users were fooled when a misleading brand name appeared in a URL’s path.”

“Different browsers approach this challenge in a number of ways, including showing only the domain by default, or visually highlighting the registrable domain (the “most significant” part of the domain name). In Chrome 86, we’re likewise going to experiment with how URLs are shown in the address bar on desktop platforms (animation below). Our goal is to understand — through real-world usage — whether showing URLs this way helps users realize they’re visiting a malicious website, and protects them from phishing and social engineering attacks.”

Prefer to see the full URL?

“If you find yourself in the experimental group, and you’d like to view the full URL for a given site, you’ll have two options. First you can hover over the URL, and it will expand fully. Second, you can right-click on the URL, and choose “Always show full URLs” in the context menu (screenshot below); enabling this setting will show the full URL for all future sites you visit. (Notably: Enterprise-enrolled devices won’t be included in this Chrome 86 experiment.)”

Sold.Domains

About Konstantinos Zournas

I studied Computer Engineering and Computer Science in London, UK and I am now living in Athens, Greece. I went online in 1995, started coding in 1996 and began buying domain names and creating websites in 2000. I started the OnlineDomain.com blog in 2012.

3 comments

  1. do you think this will help our domain business?

  2. It will make the Domain name more obvious.

    The reason why they’re doing this is because scammers are spoofing the sub domains that show first in the URL address. An address could read WellsFargo.com. and then a whole long string of letters and numbers before you get to the primary domain name—which no one ever sees. Almost happened with me. Looks like this:

    http://wellsfargo.com.FHJGfhjf577DFfghjbvvffffgvbjhgf466fyTyuii.ggiff.kr

    The primary address is ggiff.kr

    • They almost got me too on a banking related domain. Thanks for highlighting a real example of how it works so some can notice. Safari for mac has been doing what google chrome is trying to do for quite a while. I am assuming that their much publicised plan of coming up with a secure way of using domains was much a do about nothing. Safari did it without the fanfare.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.