Over the years, Google added a lot of security features right into the chrome Browser like DNS Over HTTPS, warning users about password breaches, etc. But still, it is far from perfect and needs even more security features like blocking third-party tracking cookies, forcing HTTPS on every page, etc. Anyhow, we can do them manually and improve security ourselves.
How to Secure Google Chrome Browser
Let’s start with something basic and in-built options
1. Safety Check
In the latest Chrome 84 update, Google added an option called Safety Check which includes four key features. It will make sure that your browser is up to date, reminds you about any password breaches, prompts you to enable enhanced protection, and takes care of the extensions you use.
All you need to do is open Chrome Settings > Safety check and click on the “check now” button, it will check and shows you the status of the above-mentioned points. If there are any changes that have to be done, Chrome provides you the option to change them right over there. If all the four options have tick mark beside, you are good to go. Chrome doesn’t run the test every now and then automatically, so you have to do it manually to check for your extensions, updates, and passwords.
Though Chrome has features to notify you about password breaches, but we don’t recommend using an in-built Password manager.
2. Do not use In-built Password manager
It is recommended to maintain different passwords for each service, so a password manager is much helpful to maintain complicated passwords under one master password. But the in-built Password Manager on Chrome saves the password in plain text. Two things you can do is encrypt your data with Sync passphrase or use third party-services like LastPass, Dashlane, etc of your choice.
3. Site Permissions
Many sites need permissions like camera, location, microphone, etc to work properly. But once you have granted permission these sites can access them forever. On Android and iOS, we have the option to grant permissions to apps for once and the permissions will be blocked again automatically after that session. Anyhow, we don’t have such options on the web, so we have to manually go to settings > Privacy and Security > and check out each permission and which sites are accessing. If you do not want any service to access any permission anymore, you can block them by clicking on the bin icon beside them.
4. Block third-party cookies
You can block third-party cookies by going to Settings > Privacy and Security and click on cookies and site data under content. Now you can choose to block third-party cookies. Along with that, also make sure to enable “Clear cookies and site data when you quit Chrome” to delete cookies automatically once you close the chrome browser.
5. Block Apps running in the background
Chrome by default allows apps to run in the background, even when the browser is closed. This comes in handy when you are downloading files or using a certain website that delivers notifications or keeps the chat running. But thankfully you can stop apps from running in the background entirely, without having much impact on your workflow. You can turn it off by going to Chrome Settings > Advanced and turn off “Continue running background apps when Google Chrome is closed” under the system tab.
Our Google accounts have a lot of information about us from emails to personal photos. So making one step forward to protect the password of Google account is a must if you use Google apps. Password Alert is an extension from Google that notifies you whenever you have used Google password on any other sign-in page. It recommends you to change the password of Google right away to keep it secure.
7. Two-Factor Authentication
Two-factor authentication is a system where it not only asks for your password to log-in, it also requires verification from your trusted device. It can be a notification prompt or an SMS or you can even use a separate physical security key. This makes sure that no one even with your password can log-in to Google account and therefore to your Chrome browser.
To enable two-Factor Authentication, click on this link to and click on get started. Now follow the on-screen instructions to set-up two-factor authentication. Anyhow, two-factor authentication is important for all the services you use along with Google. You can enable them on their respective websites.
If you lose your phone or if it is broken, it might be hard or even impossible to log-in to your Google account. So make sure you take the required precautions for it before.
8. Web of Trust
WOT Web of Trust is a community of people who rates sites depending on the actions these sites perform. You can add the WOT extension and check out the rating of sites directly on the google search represented in a circle symbol. The Green circle is a safe site to get into, whereas orange and red circles are suspicious and unsafe signs respectively. You can also click on those circles to find the exact rating and reviews of other people. This will stop you to get into any unsafe site even before opening it.
9. Lock your account on Chrome
Not just from the websites, you may also want to protect your account from other users from accessing your personal information or browsing history. You can do that by installing the LockPW extension. All you need to is install the extension and set a password to it. The default settings options are perfect, but you can make your own changes if you want and click on save. Now you can completely close the browser and reopen it to test the LockPW. The only issue is, sometimes the lock pop-ups in the middle of the browsing all of the sudden and there is no way to fix it. But it asks for lock each and every time consistently while logging in, which is the most important.
10. Use Guest Mode rather than Incognito
If you are looking for something purely incognito, the Guest mode is better as it has no sync with any of the data and also deletes your cookies and history just like incognito.
Along with them, you can also script blocker extension, which blocks all trackers and ads by completely removing the scripts to load on the page. Anyhow, I recommend following most of the tips that add up to provide you with better security while browsing.