How Chrome’s Short URLs Can Increase Your Security

Google might soon truncate the full address of websites you visit. By only showing the domain name of a website in the address bar rather than the full URL, Google’s move could actually help people increase their security when browsing the web. And you can try this feature out right now.

To get started, you’ll need to grab Chrome Dev or Chrome Canary for Windows or Mac, as this URL-hiding feature isn’t yet present in Chrome’s Beta or Stable channels. Once you have Chrome Canary up and running, you’ll want to copy and paste this into your address bar and enable the flag:

chrome://flags/#omnibox-ui-hide-steady-state-url-path-query-and-ref

Relaunch the browser and load up some websites. Once the pages fully load, you should notice that the URL in Chrome’s address bar shrinks down to just the domain — nothing else.

Screenshot: David Murphy

The URL is gone, but not forgotten. Simply click on the address bar again to reload the full URL, like so:

Screenshot: David Murphy

Click back anywhere within the web page you’re viewing, and the URL will go back to just the domain name.

While this sounds like a pretty small change, it’s one you might want to get used to; as I understand it, this has the potential to be the default for Chrome going forward, though Google is still working to research whether this change is actually useful as a phishing deterrent.

Worry not, though. If you really, truly preferred the old way of doing things, you’ll be able to right-click on your address bar and select a new “Always Show full URLs” option. That option is currently hidden behind the following flag in Chrome Canary:

chrome://flags/#omnibox-context-menu-show-full-urls

Isn’t it bad to hide the entire URL?

Not really. Actually, this change is a good move, especially for those who aren’t nearly as tech-savvy as you. Consider people who might click on a link and get taken to a phishing site that has an exceedingly complicated URL. They might not even notice the URL in their address bar, since it’s just some big hodgepodge of letters and numbers that have absolutely no meaning for them.

In contrast, if the URL were shortened to just the domain, it might be more apparent to a person that they pulled up microsoft.hhr13231j.com instead of Microsoft’s website.
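The effect described above, sketched as an added example (not from the original article and not Chrome's code): it reduces a long URL to the host the address bar would keep, then checks whether a brand name appears only as a subdomain label under a domain registered by someone else. The path and query in the sample URL are constructed, the function names are hypothetical, and SUFFIXES is a small stand-in for the Public Suffix List.

```javascript
// Added illustration, not Chrome's implementation.
// SUFFIXES is a tiny constructed stand-in for the Public Suffix List.
const SUFFIXES = ["co.uk", "com", "org", "net"];

// Model of the steady-state address bar: path, query and ref are hidden.
function steadyStateDisplay(rawUrl) {
  return new URL(rawUrl).host;
}

// Registered part of a host: the public suffix plus one label to its left.
function registrableDomain(host) {
  const labels = host.toLowerCase().split(".");
  for (let i = 0; i < labels.length; i++) {
    if (SUFFIXES.includes(labels.slice(i).join("."))) {
      return i === 0 ? null : labels.slice(i - 1).join(".");
    }
  }
  return null; // unknown suffix or IP literal: make no claim
}

// True when the brand is only a subdomain label under someone else's domain.
function brandOnlyInSubdomain(rawUrl, brand) {
  const host = new URL(rawUrl).hostname.toLowerCase();
  const registered = registrableDomain(host);
  if (registered === null) return false;
  const name = brand.toLowerCase();
  return host.split(".").includes(name) && registered.split(".")[0] !== name;
}

// Constructed sample: host taken from the article, path and query invented.
const SAMPLE =
  "https://microsoft.hhr13231j.com/account/signin/verify" +
  "?session=8f3a9c1e7b2d&redirect=%2Fsecure%2Fupdate#step2";

console.log(steadyStateDisplay(SAMPLE));
console.log(registrableDomain(steadyStateDisplay(SAMPLE)));
console.log(brandOnlyInSubdomain(SAMPLE, "microsoft"));
```
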

As one Chromium developer writes:

We think this is an important problem area to explore because phishing and other forms of social engineering are still rampant on the web, and much research shows that browsers’ current URL display patterns aren’t effective defences. […] We’re implementing this simplified domain display experiment so that we can conduct qualitative and quantitative research to understand if it helps users identify malicious websites more accurately. This means we’ll have study participants exploring the prototype in lab/survey studies, and we will also roll it out to a small % of real Chrome users to understand if it helps protect them from phishing. If the results show that this simplified domain display does help protect users from attacks, then we’ll make a decision about whether to ship it to all users, balancing user feedback with the security considerations. As noted above, users will have an option available to individually opt out of it if they feel that it isn’t a security or usability improvement for them.

I say let this change rip. As long as Google makes it very obvious for power users who want the full URL in the address bar to see it as the default, is jumping from a specific URL to a simpler domain name once a page loads really going to ruin anyone’s day? If it can help out the less observant with phishing, I think it’s a great move.
