As of Monday, developers can no longer submit extensions that include obfuscated code. Google says 70 percent of malicious and policy-violating extensions use such code. More easily accessible code should speed up the review process too. Developers have until January 1st to strip obfuscated code from their extensions and make them compliant with the updated rules.
Additionally, there will be a more in-depth review process for extensions that ask you for "powerful permissions," Google says. The company is also more closely monitoring those with remotely hosted code.
Next year, developers will need to enable two-step verification on their Chrome Web Store accounts. Google also plans to introduce an updated version of the extensions platform manifest, with the aim of enabling "stronger security, privacy and performance guarantees." Google says half of Chrome users actively employ extensions, so the changes could make browsing the web more secure for millions of people.