Top Security Tips for Safer Browsing
There’s a lot to like about the security features built into Google Chrome. The browser offers unique sandbox functionality and privilege restrictions, and it updates itself in the background to help better protect you from hackers and malware. But like all browsers, Chrome isn’t perfect, and there are steps you can take to protect it from attack. Here’s how to get the most out of Chrome’s built-in security features, and work around security shortcomings.
Chrome offers many privacy features that help protect you while browsing. Most notable are phishing and malware protection systems, and a tool that can auto-correct misspelled web addresses.
Chrome’s Phishing and Malware Protection displays a warning screen whenever you visit a website that Google has identified as potentially harmful, whether it’s spreading malware or trying to steal your personal information. Meanwhile, Chrome’s URL AutoCorrect feature uses an online service provided by Google to fix misspelled URLs to help you avoid visiting the wrong – and possibly outrageous – site by accident. In fact, “typographical burglary” is still a threat.
Chrome has many useful features that can help you avoid dangerous websites.
To use these features, open your browser Settings panel and scroll down to the Privacy section (you may need to click Show advanced settings to get there), and check the boxes labeled Use the web service to help resolve navigation errors And Use the web service to help with spelling errors. Also, be sure to check out Enable protection against phishing and malware Box.
Restricting and limiting web content can help prevent some types of malware attacks.
Protect your saved passwords and credit card details
If you allow Chrome to save your website passwords, anyone using your computer can easily access them with a little searching in the Settings panel. But unlike Firefox and its main password feature, Chrome – and thus third-party add-ons – will not allow you to encrypt passwords or saved credit card information.
Fortunately, there are some things you can do to help protect your privacy. First, don’t allow people you don’t trust to use your Windows user account. Alternatively, you can either create a new standard (non-administrative) account for others to use or run the guest account.
It is very easy for anyone to access your passwords saved in Chrome.
If creating another Windows account is too inconvenient, consider using a Chrome extension like ChromePW, Browser Lock, or Secure Profile to password protect Chrome. This effectively forces others to use another browser on your system such as Internet Explorer (which does not allow others to easily view your saved passwords) or Firefox (which lets you encrypt and protect your saved passwords with a password).
Another option is to store your sensitive data securely using a third-party password manager. Some third-party password tools allow you to sync your passwords across other browsers, which can be useful if you move from one computer to another. KeePass and Xmarks are two popular password managers worth trying.
Secure your sync data
Chrome can sync most of your settings and saved data (including passwords, but not credit card details) across multiple computers and devices that have Chrome installed, but this creates a security vulnerability. By default, Chrome only requires you to enter your Google account password to set up a new computer or device to sync your browsing data. So if your Google account password has been hacked, it is possible that an intruder could gain access to a list of all your passwords.
Adjusting your sync settings can better protect the data Chrome saves.
This is unless you set a custom encryption sync passphrase.
Once you set the sync passphrase, you must first sign in with your Google account password and then enter the passphrase to set up new sync devices. This adds an important additional layer of security. To set this up, open Settings, click Advanced sync settings, and select Choose my passphrase.
While you’re there, also consider turning on encryption for all simultaneous data rather than just passwords.
Secure your Google account
Google offers several security features to help you better control and protect your account, and you should definitely consider using them if you use Chrome sync. They help secure your entire Google account, so you should also consider using these security features if you’ve clicked on multiple Google services.
On the Google Account Security page, consider enabling Google 2-Step Verification. Once you do that, you’ll have to enter a special code – which you’ll receive via text message, voice call, or the Google app – whenever you try to sign in to Google from a new computer or mobile device. This system ensures that anyone who does not have direct and practical access to your mobile device will be denied access to your Google data. When you sign in to apps or features that don’t support verification codes (like the Chrome sync feature), you’ll have to sign in to your Google account, access your two-step verification settings, and create an app-specific password.
Google offers many security features and functions so that you can better protect your account.
While on the Google Account Security page, you may also want to turn on email and/or phone notifications for password changes and suspicious login attempts. This way, you will know instantly if someone is trying to change your password or trying to log into your account without your knowledge.
Additionally, review your recovery options in case you forget your password in the future. Finally, review the authorized apps and sites and remove the ones you don’t use anymore.
Install accessories for extra protection
We’ve reviewed many of the security features Google and Chrome offer, but different extensions allow you to add more security functionality. For example, the Web of Trust (WOT) can warn you about dangerous sites, and ADBlock can remove annoying or malicious ads that can lead to malware or phishing sites. Thru view lets you see the destination of shortened URLs, and KB SSL Enforcer can help you take advantage of HTTPS/SSL encryption on sites that support it.