Chrome 86 will disable Autofill for insecure HTTP web forms

Google is making yet another security improvement to the browser. For websites opened via the plain HTTP protocol the Autofill feature will be disabled by default. This may potentially prevent your sensitive data leak.

Each time you enter some credentials for a website, Google Chrome asks you to save them. The next time you open the same web site, your browser will auto-fill the saved credentials.

The same works for other web form data. The browser can remember your name, your surname, addresses, and much more. For individual websites Chrome may remember their unique form data you have previously entered.

Starting in Chrome 86, the browser won't provide the autofill data for forms hosted on websites that open via the unencrypted HTTP. The browser will instead show a red warning text that the form is not secure.

Google Chrome Disables Autofill On HTTP Forms 1

If you submit the form, you will see an extra screen telling that it is risky to send the information.


Google Chrome Disables Autofill On HTTP Forms 2Google noted, however, that the unique password generator of Chrome's password manager will continue to work on not secure forms. According to the company, a weak password is still worse than the potential risk of traffic captured by a third-party.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!


Author: Sergey Tkachenko

Sergey Tkachenko is a software developer who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

Leave a Reply

Your email address will not be published.

Using Telegram? Subscribe to the blog channel!
Hello. Add your message here.