Security

Google Chrome security tips for the paranoid at heart

If you're a Google Chrome user who loses sleep about online privacy risks, check out these tricks to making your browsing experience more secure.

chromesecurehero.jpg
Image: Jack Wallen

If you're online, there's always a security risk. It's a good thing browser developers work diligently at making your browsing experience as safe as possible. So you can rest easy knowing Google, Microsoft, and Mozilla have your back.

Read that last sentence again. Once you stop guffawing, come back to me, and we'll continue.

Users bear part of the responsibility for online security; Google, Microsoft, and Mozilla cannot predict how you'll use the browser, so the default settings may or may not work for you. That said, there are tweaks you can set on Chrome to make it better fit your security needs. I'll show some of the more important tricks you can use to help solidify your browsing experience.

SEE: Google fixes severe security holes in Chrome browser update (ZDNet)

Syncing

When you're logged in to your Google account through Chrome, your Chrome settings sync with your account and every device you use with Chrome will inherit those settings. This isn't always an optimal configuration, because it will sync cookies, passwords, history, and more. There will be cases where you do not want that information being sent into the ether to sync with your other devices. Follow these steps to prevent this from happening.
  1. Open Chrome.
  2. Click the "hamburger" menu button.
  3. Click Settings.
  4. Click Advanced Sync Settings.
  5. From the dropdown, click Choose What To Sync.
  6. Uncheck all of the items you do not want to sync (Figure A).
  7. Click OK.

Figure A

Figure A
Image: Jack Wallen

Strip away all that is not necessary to sync across your Google account.

Content settings

Let's move onto some less obvious browser settings that can be changed to help beef up your security. From within the Settings window, click Show Advance Settings and then click Content Settings (under Privacy). This particular section is crucial to your security; it's where you'll configure what to do with Cookies, JavaScript, Plugins, Popups, and more. These are the settings I recommend you use.

  • Cookies: Keep local data until you quit your browser (this clears your cache for every browser closed).
  • JavaScript: Do not allow any sites to run JavaScript (you'll probably need to add sites to the exceptions for any website you need to allow JavaScript).
  • Plugins: Let me choose when to run plugin content.
  • Location: Do not allow any sites to track your physical location (add any sites to the exceptions list that are needed).
  • Notifications: Do not allow any site to show notifications.

Outside of these settings, leave those listed as recommended. If you happen to be uber paranoid, you might also set Do Not Allow Any Site To Use A Plugin To Access Your Computer (under Plugins).

Note: Sites with two-factor authentication might not behave properly when you set Cookies to Keep Local Data Until You Quit Your Browser. For those, you must set up exceptions.

To set an exception, click the Manage Exceptions button and then enter the necessary site and click Allow from the drop-down (Figure B). You can use wildcards in exceptions in the form of [*]google.com.

Figure B

Figure B
Image: Jack Wallen

Adding exceptions to Cookies.

Privacy

In the Settings | Privacy section, you'll want to set the following:

  • Protect You And Your Device From Dangerous Sites
  • Send A Do Not Track Request With Your Browsing Traffic (you have to OK this after you click the check box)

If you are extremely concerned about privacy and security, un-check the following from the Privacy section:

  • Use A Web Service To Help Resolve Navigation Errors
  • Use A Prediction Service To Help Complete Searches And URLs Typed In The Address Bar Or The App Launcher Search Box
  • Prefetch Resources To Load Pages More Quickly
  • Use A Web Service To Help Resolve Spelling Errors
  • Automatically Send Usage Statistics And Crash Reports To Google

Passwords

I recommend unchecking the box for both settings under Passwords, even though this will cause you to always have to re-enter your passwords for every secure site you use.

  • Enable Autofill To Fill Out Web Forms In A Single Click
  • Offer To Save Your Web Passwords

System

For the very concerned for online privacy, I highly recommend unchecking Continue Running Background Apps When Google Chrome Is Closed (Figure C). This will close all apps when you exit Chrome and prevent notifications (such as Gmail, Facebook, etc.) from having access to your desktop.

Figure C

Figure C
Image: Jack Wallen

Preventing apps from running on the background.

Incognito

For those that really don't want to risk security, when using Google Chrome, you can always run every session through an Incognito window. Many desktop environments will allow you to open Chrome in Incognito without having to first launch Chrome and then open a new Incognito window. Elementary OS Freya, for instance, allows you to right-click the Chrome launcher and then select New Incognito Window (Figure D).

Figure D

Figure D
Image: Jack Wallen

Launching an Incognito window from the desktop.

The Incognito mode prevents the saving of any site history; it does not, however, prevent other sources from seeing your activity. Which sources?

  • Your internet service provider
  • Your employer (if you're using a work computer)
  • The websites you visit

Is it enough?

These steps will go quite a long way to make your browsing in Chrome safe. Is it enough? That all depends on what you do with your browser, and how concerned you are with security/privacy.

If you know a must-use tip for securing Google Chrome, share it with your fellow TechRepublic readers in the discussion.

Also see

About Jack Wallen

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.

Editor's Picks

Free Newsletters, In your Inbox