Most of us don’t go a day without using a web browser, which makes them prime targets for hackers and criminals.
That’s why today we’re going to look at how to make Chrome secure.
We’ll cover all the basics and give you some pro tips. Ready?
What Is Google Chrome?
Although Microsoft has tried its best with Edge and there was great hype over Mozilla Firefox, Google’s Chrome is now the most popular web browser. Estimates put its user base at over 2.6 billion globally.
Is Chrome secure?
Its popularity makes it statistically the most prone to attack.
That’s not to say it doesn’t have excellent built-in security features. But at TechJury we like to do everything possible to protect you on the Web.
In this guide, we’ll teach you how to make Chrome more secure including what obvious and hidden Chrome settings to use. Plus, we’ll overview the best security extensions for Chrome.
We’ll also pay attention to Google itself and some of its own questionable practices that may invade your privacy.
How To Make Chrome Secure?
Whether on desktop or mobile browser, Chrome is our portal to the web. It’s how we view sites, pay our bills, and interact on social media. So, obviously, you need to secure your Google Chrome browser.
Stay Up to Date
Engineers tinker day and night to fix Google Chrome security vulnerabilities, but these patches are only effective if you stay up-to-date with the latest browser release.
By default, it updates automatically whenever patches are made. If, like us, you toil away with many tabs and like to keep your browser active for days on end, you’ll know if there’s an update icon at the top right of the screen.
Green means the update was released in the last two days. Yellow means it’s four days old. Red is over a week old. Whatever the color, all it takes is a click of the mouse and Chrome will restart with the update applied. Your session can also be restored exactly how it was, so you won’t lose any work.
Mobile works similarly. If you have automatic updates, you don’t have to do anything. Otherwise check the respective app stores to see if Chrome is ready with a new release and download it manually.
How to secure Chrome browser? The first step is to keep it up to date.
Safe Browsing Chrome
One of the best Chrome settings is Google safe browsing. With standard protection enabled, Google steps in with a warning when trying to access known dangerous websites, extensions, and files.
Some turn this off when downloading files they trust that appear to be dangerous. E.g. video game cheat engines. Yet, 99% of the time safe browsing is the way to go.
The Enhanced protection option aims to be more proactive, though the benefits over standard protection are debatable. You must send browser data to Google, which is a privacy concern itself.
Limit Cookie Use
Cookies are perhaps the least understood aspect of web browsing that everybody has heard of. Probably because the name conjures up images of nice chocolatey treats.
You may have been told they’re dangerous. They can be, but not inherently.
A cookie is a small piece of data delivered to you in the background by websites you visit. It allows them to remember you, whether you’re logged in, if you have items in a cart on an online store, what type of browser and device you use etc.
This comes with an element of privacy invasion, though reputable websites now disclose their cookie policies and give you more control over their scope. You can even block them altogether for additional Chrome browser security.
They are useful, however, so you don’t have to keep logging in to your favorite sites. Site owners can learn more about users and deliver the most relevant content. This is considered non personally identifiable tracking.
They might know someone is browsing from a rough geographic location using Chrome. That they visited the site on X day and stayed for X amount of time. They need much more info to know that person is you and most site owners don’t have the time or inclination to do this.
Are cookies dangerous?
Most cookies are safe, it’s negligence and dangerous sites that use them to track you without consent. Sometimes legitimate cookies can be hijacked and used by cybercriminals to spy on your browsing habits.
Another concern – advertising cookies. If a site has several ads, these may deliver tracking cookies. Whenever you visit another site using the same advertising network, cookie data is shared with the entire ad network.
This builds up a profile of your web history, the products you like or have purchased, and allows for more targeted ads. People often think their phone is listening to them. It is, but not through the microphone, it’s through ad cookies.
Under privacy settings, Chrome has a cookies section. Options include blocking third-party cookies, like ad ones or those injected from malicious sources. You can also block all cookies, but this isn’t necessary in most cases.
If you’re using a public computer or managing office workstations, setting ‘clear cookies and site data’ allows for a fresh start every time Chrome is opened.
Over time, the number of cookies stored on your computer adds up. In rare cases, they may even slow down your browsing experience. Therefore, it’s worth checking how many useless cookies you store.
You can wipe them all or choose the precise ones you want to get rid of for better privacy in Chrome.
Send a “Do Not Track Request”
Google Chrome privacy settings include a check box for something called a ‘Do Not Track Request’.
As the name suggests, this sends a message to websites that you do not wish to be tracked.
It instructs sites not to use analytics services, ad networks, and social media tools that share cookie data.
Its purpose is to solve the previously mentioned concern that websites linked by services such as advertising networks, do not share cookie data in a larger pool.
The fact you visit a shopping site should not have any bearing on the ads served to you when you then visit a seemingly unrelated platform.
In practice, sites do not have to honor this request. It’s not legally binding. Some sites doing the right thing are better than none, however. Couple this with other Google Chrome browser settings and it adds to overall security.
Turn Off Background Sync and Services
When considering Google safety settings, It’s not just websites and cookies that access your data. Browsing information is also sent off to Google itself when you choose to sync your Google account across devices. I.e. sharing Chrome on a desktop PC and mobile device.
This is right at the top of the Chrome settings page under ‘You and Google’, next to your name and email address. Click to turn it all off or choose the exact services you want. E.g. you might want to keep autocomplete URLs but not stats or usage reports.
Turn Off Location Data
If privacy is one of your priorities, then giving away your location isn’t something you’ll want to do.
Google is keen to tout the benefits, such as traffic updates, up-to-date maps, and visited places. It also helps to locate your device if it’s lost. Many apps prompt you to have this turned on for their own purposes.
While Google doesn’t seem to be doing anything nefarious, it’s still your right to cut off this info. Third-party apps are more of a concern because it’s not always clear why they need your location or what they’re really using it for. Thankfully one of the Chrome security features lets you handle this.
Go to myactivity.google.com to quickly open the relevant settings. Here you can completely turn off location history. You can also view and delete individual history data.
How to turn on sync in Chrome?
Hit the very top profile image in the right-hand corner where it says ‘sync off’ and the relevant settings will open. Simply turn it back on.
Disallow Camera and Microphone
Other Chrome privacy settings help you control access to your computer or mobile device’s camera and microphone.
Let’s face it, none of us wants to be watched or listened to. And, while this is rare, it’s not completely unheard of.
Go to settings, privacy and security, and site settings. There is a list of permission including camera and microphone. By default, you’re supposed to enable them, though someone else with access to your computer or sophisticated malware could hijack this.
Clicking through gives the option to create an allow or block list, so only sites you absolutely trust can use the feature.
Of course, there are many scenarios when you want to use your camera and mic but it’s beneficial to have full control.
Turn Off Background Processes
Believe it or not, when you shut down the Chrome browser there are still processes running in the background, taking up resources. For older computers, this can be an unnecessary memory hog. Some people also view it as a security risk. After all, closing a program should mean it’s closed!
The Chrome security settings you need are located under the Advanced and System tab on the left-hand side of the desktop browser window. A simple slider turns it off.
Stop Website Notifications
Chrome browser security is not all about immediate threats, many of us just want a less annoying experience.
Since the rise of smartphones and notifications, websites have cottoned on that they too can ping you with updates. This started with push notifications on mobile but has extended to the Chrome browser on desktop.
When loading a site, a box will pop up asking whether you want to receive browser notifications. In our experience, it’s often questionable sites that bombard you with this message. Some even try to code the site to force you to allow them. That’s a clear sign to get away from the page as fast as possible.
If you find the whole concept annoying you can turn off these requests before they happen.
Under ‘Privacy and security’ click ‘Site settings’ and then ‘Notifications’. Either block all or dig in deeper to see which sites you’ve already granted access to.
Regularly Clear Browser History
Enter one of the simplest Google Chrome security features – clear browser history.
Every time you browse the web, Chrome stores bits of history such as the sites you’ve visited, downloaded files, and caches of data for quick loading next time. You can also access cookies here.
Over time the amount of stored data can be huge, impacting storage space and performance on slower PCs and devices. Furthermore, the bigger the trail the more valuable it is to fraudsters.
It’s wise to clear your browser history at least once a month. Others choose to get rid of it every time they close Chrome.
To access these settings, simply look under ‘Privacy and security’ for the ‘Clear browsing data’ link. Pick and choose the type of data you want to clear and the timespan. E.g. going back seven days, four weeks, or absolutely everything.
Note: Clearing certain data may have unintended consequences. If you have a habit of going to a site based on typing a few letters in the address bar, that’s going to disappear if you clear your history.
Is Google Chrome safe? Broadly, yes. But if you want to cut Google out of your life for good, using a different search engine is an option.
DuckDuckGo is great for private browsing. It does not store or track its user’s data as Google does. It also doesn’t alter searches based on personalization.
Yes, Google Chrome secure search is possible with incognito mode, but it’s still Google and still open to some privacy vulnerabilities.
You’re probably thinking, are the results as good as Google’s? They certainly differ. But finding what you want is not hard. It’s as close to Google as we’ve found.
The search engine has been around since 2008, growing a huge following. As of February 2021, its record for a single day’s searches was 104 million. In other words, it works.
In good faith, Chrome actually lets you set DuckDuckGo as your default search engine for the address bar. Just go to settings and click ‘Search engine’ on the left. You’ll see a dropdown menu with numerous popular search engines, with DuckDuckGo as one of the options.
Disable Personalized Ads
Google itself is involved in one of the largest advertising networks in the world – Adwords/Adsense. It comes as no surprise that it stores some of your data to deliver ‘personalized ads’ via paid search results and all the sites that publish Google ads.
To improve Google Chrome protection, you can disable this feature. It’s back at the Sync and Google Services settings page. Click on ‘Control how your browsing history is used to personalize search, ads, and more’.
From there, scroll to the bottom and hit ‘See all Activity controls’. The option to turn off ad personalization is at the bottom.
Password Protect Chrome
A simple but often overlooked method of making Chrome a secure browser is to protect it behind a password. Not just your account password or phone pin, but an additional password to open the browser itself.
Following some Chrome updates, you now need a third-party program. My Lockbox and Folder Guard, for example, let you lock individual software, folders, and files.
If you’re in an office or other shared environment, a quicker solution is to lock your Windows screen.
A newer set of Chrome browser security settings are called ‘Safety Check’. This is prominent on the left of the settings page. Clicking it will check for updates, harmful browser extensions, and dangerous computer software.
The best feature is the saved passwords checker. It lets you know which passwords are weak and easily lets you update them.
If you see any red alerts for compromised ones, change them immediately!
This doesn’t mean someone has gained access to your account, but it does mean your login details have been found somewhere on the web. This usually occurs when a site’s database has been hacked and the data dumped somewhere publicly.
If you use the same password for everything, it can be a major problem if a criminal has hold of it – they can guess the popular sites you visit.
Chrome Hidden Settings
When researching about securing your web browser, you’re sure to come across so-called hidden Chrome settings. We’ve touched on a few of them already.
These are advanced settings that are a bit more difficult to navigate and understand. The cynic in us believes this is because Google doesn’t really want you to change them.
In theory, the hardest to find are those called flags, yet all you must do is type chrome://flags in the address bar and voila. Understanding them is a different matter.
Most flags alter the way Chrome looks and feels. You can force dark background mode and add tab groups on a desktop like Android. Turn on reader mode to strip pages down to the text and important bits.
There are a couple of things worth considering when it comes to security and privacy.
On Android if you search ‘Preview’ on the flags settings page you’ll see an option to ‘Enable a preview page/image’. It will show you a web page or image link from within the original page. I.e. you don’t have to open the URL itself. Instead, a smaller window appears.
This is useful if you suspect the link to be dangerous.
Another somewhat hidden feature that most people don’t know about is Chrome’s built-in Malware scanner. It’s located under the left-hand advanced tab on the desktop, right at the bottom under ‘Reset and Clean up’.
Hit ‘Clean up computer’ and Chrome will hunt for harmful software and remove it. For added privacy, uncheck the ‘report details to Google’ option.
How To Make Chrome More Secure
We’ve covered the main security settings Chrome provides and some of the best practices while using the browser. Now let’s look at how to make Chrome more secure with the help of third parties.
Here are the best Chrome extensions for security:
For Windows 10 and Windows 7 users, the native Windows Defender is an invaluable tool. You’d be remiss to think it only protects its own Edge browser.
Chrome is the most popular option in the world. Logically, Microsoft offers an extension so Defender can work its magic while you surf the Web.
The core feature is a big red interstitial that gets inserted, warning you of a dangerous or phishing webpage before they have a chance to load.
You know it’s installed correctly because of the icon in the top right of the browser. Visiting the test page at https://demo.smartscreen.msft.net/ lets you preview the process.
Avast Online Security
An alternative extension to Microsoft Windows Defender comes from the every-popular Avast anti-virus software. Its Chrome protection blocks pages in a similar fashion, as well as letting you manage cookies.
You’ll know a site is safe because of the green icon, while a gray icon means it hasn’t been officially vetted.
We were particularly impressed with the search engine protection. Results from Google and Bing are listed with the same icons, so you know whether a site is safe before clicking on it. The downside is it doesn’t work with DuckDuckGo.
It’s not just about how to make Chrome secure. It’s about your email, too.
Desktop computer users tend to access Gmail via their browser rather than an app, so consider additional security. The good news is Gmail is encrypted at the Google server level, but there are no other privacy settings Chrome provides for it.
Extra encryption is useful for corporate employees, journalists, and anyone that wants to ensure nobody other than the intended recipient can read their messages.
The FlowCrypt plug-in adds a new ‘Secure Compose’ button above the regular one. Any messages you type here – even drafts – are encrypted. The recipient will need FlowCrypt installed themselves, but you can also use a password to decrypt, which you can share via another secure channel.
Similar plug-ins include Lockmagic, Mailvelope, and Snapmail.
In recent years you may have noticed an increase in the use of the HTTPS protocol in web addresses instead of the original HTTP. This means the site in question is using SSL encryption and your data is somewhat secured if you enter anything, like a registration field, forum post, or checkout a purchase.
It’s not foolproof but Google and Chrome penalize sites that haven’t yet jumped on board.
The HTTPS Anywhere extension now protects you when you visit unsecured sites by encrypting on the fly. Browse any site you know is still only using HTTP and it will automatically switch to HTTPS.
With over 2 million users, Ghostery is a popular ad blocker and privacy extension. It simply removes annoying banner ads from sites, preventing clutter and cookie tracking.
If a tracker does get through, your privacy remains intact – Ghostery masks the information it collects.
Overall, browsing is faster because it cuts out a lot of the background loading of ads and tracking codes, which can make pages hang.
The most well-known ad blocking extension is AdBlock Plus. Though it sounds premium, installation is free.
It blocks ads and tracking on most websites and is one of the few that can remove them from YouTube without disrupting videos.
It’s available on Chrome mobile extensions, so Android users won’t be bothered by ads either.
More of a website rating service than a blocker, SiteJabber is aimed at online businesses. When the extension is active you get a rating out of 5. It soon lets you know if a web store has terrible customer service or is an outright scam.
The independent user reviews outside of the sites in question (which are often fake), are a nice touch.
The uMatrix tool is a little more involved than most secure browsing Chrome extensions. It lets you block individual elements on web pages as a rule or on the fly when on the page. This includes:
- CSS stylesheets
- And more
So, how secure is the Google Chrome password manager? It has one general flaw is the inability to generate truly strong passwords. It also doesn’t have any extra features.
For example, the email you provide on a website is a faux address that forwards to your real address. The premium version does the same but for credit card details. Blur processes the payment and the merchant never sees or stores your real card number.
If you want to secure bookmarks, Chrome supports this via extension. This adds an additional password. Managing bookmarks is easy thanks to the intuitive interface and you can effortlessly import and export bookmarks between the secure list and regular Chrome variety.
The question you should be asking might not be how to secure Google Chrome, but how to secure third-party data giants like Facebook.
As entertaining as the platform is, privacy advocates are keen to point out that it’s your data they mine and sell. The social side is just a way to get you to give it away for free.
Facebook especially likes tracking you off-site so it can include the data in its algorithms and provide a more accurate platform for its advertisers.
The Disconnect Facebook Chrome extension blocks all requests made outside of the social media platform itself, putting this side of their invasiveness to bed.
How to browse securely the old-fashioned way? Use a virtual private network (VPN). This masks your geographic location and funnels all internet data and requests through an encrypted tunnel.
In short, any website you visit will be unable to determine the true origin of your connection. Chrome extensions like PIA or Surfshark VPN do this directly from within the web browser with minimal technical know-how required.
Using a completely separate VPN service can provide even greater protection for all your internet usage.
Great news – now you know how to make Chrome secure. Its built-in settings are robust and allow plenty of extra security tweaks. You can limit Google’s own collecting of personal data and protect your personal information.
Understanding hidden settings and using extensions also make Chrome fast and secure in ways you might not have known.
Happy – and now safe- browsing!