If you're online, there's always a security risk. It's a good thing browser developers work diligently at making your browsing experience as safe as possible. So you can rest easy knowing Google, Microsoft, and Mozilla have your back.
Read that last sentence again. Once you stop guffawing, come back to me, and we'll continue.
Users bear part of the responsibility for online security; Google, Microsoft, and Mozilla cannot predict how you'll use the browser, so the default settings may or may not work for you. That said, there are tweaks you can set on Chrome to make it better fit your security needs. I'll show some of the more important tricks you can use to help solidify your browsing experience.
When you're logged in to your Google account through Chrome, your Chrome settings sync with your account and every device you use with Chrome will inherit those settings. This isn't always an optimal configuration, because it will sync cookies, passwords, history, and more. There will be cases where you do not want that information being sent into the ether to sync with your other devices. Follow these steps to prevent this from happening.
- Open Chrome.
- Click the "hamburger" menu button.
- Click Settings.
- Click Advanced Sync Settings.
- From the dropdown, click Choose What To Sync.
- Uncheck all of the items you do not want to sync (Figure A).
- Click OK.
Strip away all that is not necessary to sync across your Google account.
- Cookies: Keep local data until you quit your browser (this clears your cache for every browser closed).
- Plugins: Let me choose when to run plugin content.
- Location: Do not allow any sites to track your physical location (add any sites to the exceptions list that are needed).
- Notifications: Do not allow any site to show notifications.
Outside of these settings, leave those listed as recommended. If you happen to be uber paranoid, you might also set Do Not Allow Any Site To Use A Plugin To Access Your Computer (under Plugins).
Note: Sites with two-factor authentication might not behave properly when you set Cookies to Keep Local Data Until You Quit Your Browser. For those, you must set up exceptions.
To set an exception, click the Manage Exceptions button and then enter the necessary site and click Allow from the drop-down (Figure B). You can use wildcards in exceptions in the form of [*]google.com.
Adding exceptions to Cookies.
In the Settings | Privacy section, you'll want to set the following:
- Protect You And Your Device From Dangerous Sites
- Send A Do Not Track Request With Your Browsing Traffic (you have to OK this after you click the check box)
If you are extremely concerned about privacy and security, un-check the following from the Privacy section:
- Use A Web Service To Help Resolve Navigation Errors
- Use A Prediction Service To Help Complete Searches And URLs Typed In The Address Bar Or The App Launcher Search Box
- Prefetch Resources To Load Pages More Quickly
- Use A Web Service To Help Resolve Spelling Errors
- Automatically Send Usage Statistics And Crash Reports To Google
I recommend unchecking the box for both settings under Passwords, even though this will cause you to always have to re-enter your passwords for every secure site you use.
- Enable Autofill To Fill Out Web Forms In A Single Click
- Offer To Save Your Web Passwords
For the very concerned for online privacy, I highly recommend unchecking Continue Running Background Apps When Google Chrome Is Closed (Figure C). This will close all apps when you exit Chrome and prevent notifications (such as Gmail, Facebook, etc.) from having access to your desktop.
Preventing apps from running on the background.
For those that really don't want to risk security, when using Google Chrome, you can always run every session through an Incognito window. Many desktop environments will allow you to open Chrome in Incognito without having to first launch Chrome and then open a new Incognito window. Elementary OS Freya, for instance, allows you to right-click the Chrome launcher and then select New Incognito Window (Figure D).
Launching an Incognito window from the desktop.
The Incognito mode prevents the saving of any site history; it does not, however, prevent other sources from seeing your activity. Which sources?
- Your internet service provider
- Your employer (if you're using a work computer)
- The websites you visit
Is it enough?
These steps will go quite a long way to make your browsing in Chrome safe. Is it enough? That all depends on what you do with your browser, and how concerned you are with security/privacy.
If you know a must-use tip for securing Google Chrome, share it with your fellow TechRepublic readers in the discussion.
- How to Configure Google Apps to restrict tracking, disable syncing, and block sites (TechRepublic)
- Is less privacy worth the price of convenience? (TechRepublic)
- 9 privacy and security errors startups can't afford to make (TechRepublic)
- Ebook — Executive's guide to the next wave of security challenges (TechRepublic)
- Network Security Policy (Tech Pro Research)
Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.