www.winhelp.us

Content

Tip: keyboard shortcut Ctrl+F searches in the page contents

Securing Google Chrome

Last modified: 2012-02-08 21:17:33 EET

Open Google Chrome options by clicking the wrench-shaped icon (Customize and Control Google Chrome) in the upper right corner and clicking Options.

A new browser tab opens.

Those people very concerned with their online privacy can clear the Enable Instant for faster searching and browsing (aka Omnibox) check box on Basics tab. This will prevent sending information about your searches and visited pages to Google.

Click Personal Stuff tab on the left.
If you synchronize your Chrome data between different computers, click the Advanced... button.

Make sure you do not sync Passwords - a web browser should not be used to store these because any malware can easily steal the stored user names and passwords!
In the Encrypted data types section, select to Encrypt all synced data if you sync sensitive information. This option should be accompanied with enabling the Choose my own passphrase option in the Encryption passphrase section - if your Google Account is hijacked, your Chrome data will still be safe.
Click OK.

Next, set Passwords to Never save passwords. This is very important because malware can easily steal all user names and passwords for sites you have visited (including your bank!). Use Password Safe for remembering passwords instead.

Next, click Under the Hood tab. Under Privacy section, click the Content settings... button.

Google Chrome Content Settings window opens.
Those extremely privacy-concerned, can activate the Allow local data to be set for the current session only, Block third-party cookies from being set and Clear cookies and other site and plug-in data when I close my browser options.
But remember, some sites may not work properly if using these options - never enable the settings above in case you are using two-factor authentication schemes, such as those on Gmail, Yahoo and Facebook! If you are, enable only the Allow local data to be set (recommended) option here!

Google Chrome offers physical location tracking - some sites may want to know where exactly you are in the world and display contents (read: ads ) accordingly. As privacy is a major concern nowadays, the security-aware of you may want to disable this feature completely. After all, why on earth would you tell some web site your current address?
To disable location tracking, enable the Do not allow any site to track my physical location option in the Location section.
In case you do want to give a specific site access to your location data, click Manage exceptions... button and add the site address to the list.
If you'd rather decide site-by-site whether to reveal your location or not, accept the default - Ask me when a site tries to track my physical location (recommended), but never select the Allow all sites to track my physical location option: this option will be misused by malware and malicious sites in the future very near.

Desktop Notifications feature enables web sites and extensions pop up windows with messages even when Google Chrome window is not active. The most innocent example of the notifications is the GMail new mail alert - you'll see a message whenever a new mail arrives in your GMail mailbox (if you have one). But this might go much further with intrusive messages filling your Windows desktop while visiting a malicious web page.
To disable Desktop Notifications completely, select the Do not allow any site to show desktop notifications option.
If you really need the feature, select the Ask me when a site wants to show desktop notifications (recommended) instead.

To disable the feature that allows hiding mouse cursor, select the Ask me when a site tries to disable the mouse cursor (recommended) option.

Click the X mark on the top right of the Content Settings window to close it.

Back in Under the Hood tab, make sure that Enable phishing and malware protection is checked. This will keep you away from malicious sites and downloads.
Those very concerned about their privacy can clear the Use a prediction service to help complete searches and URLs typed in the address bar, Predict network actions to improve page load performance and Automatically send usage statistics and crash reports to Google boxes to disable any possible usage tracking.

Scroll down to the HTTPS/SSL section. Then click to put a check mark in the Check for server certificate revocation box. This setting will ensure that any web server's security certificate will be checked for validity before accepting it.

And finally, you can clear the Continue running background apps when Google Chrome is closed check box in the Background Apps section. This will close all apps with Chrome and, for example, prevent Desktop Notifications from GMail appearing while Chrome is not running.
The option is mainly meant for those who are very concerned about their online privacy.

That's it - close the Options tab in Google Chrome.

To run your browser even more securely and protect it from zero-day attacks, use the free Microsoft EMET.

 Comments? Suggestions? Ideas? Let me know! 

Your name (public):

Your e-mail (will not be displayed):

Title:

Notify me of new comments to this page:

Your comments/suggestions/ideas (no HTML code!)
winhelp.us owners reserve the right to remove or not publish comments that they find unacceptable because of strong language, inappropriate contents, advertising or spamming.
winhelp.us Privacy Policy