By default, web browsers are not configured with the most secure setting. These settings must be changed by the user. It is very important to configure the browser to be secure to help prevent ransomware, malware, spyware, etc., from being installed on your computer, attackers from taking control of your computer, criminals from stealing your information, or using your computer for nefarious activity without your knowledge of any of this going on.
This is the most common list of secure settings for most browsers:
- Keep your browsers patched and up-to-date.
- Desktop Central is doing your third-party patching for you.
- It wouldn’t hurt to check for updates.
- Block pop-ups. (Important: If you need to allow a blocked pop-up for work, please use Firefox to allow, then let the HelpDesk know the website that needs to be allowed for Chrome and Edge and we will add.)
- Chrome: Go to Settings > Privacy and security > Site Settings > Content > Pop-ups and redirects and click button by “Don’t allow sites to send pop-ups or use redirects.”
- Edge: Go to Settings > Cookies and site permissions > Pop-ups and redirects > Turn on Block.
- Firefox: Go to Firefox menu > Preferences (Mac) Options (PC) > Privacy & Security > Permissions section. Check “Block pop-up windows.”
- Safari: Go to Safari menu > Preferences > Websites tab, click “Pop-up Windows” from the left-hand pane and set “When visiting other websites:” to “Block and Notify.”
- Block plugins and phishing sites (aka Safe Browsing).
- Chrome: Go to Settings > Privacy and Security > Security > Click button by “Standard protection” to be protected against dangerous websites, downloads, and extensions.
- Edge: Go to Settings > Privacy, search, and services > Security > Turn on Microsoft Defender SmartScreen and Block potentially unwanted apps.
- Firefox: For both Mac and PC – go to Firefox menu > Preferences (Mac) Options (PC) > Privacy & Security > Permissions section. Check “Warn you when websites try to install add-ons.”
- Safari: Go to Safari menu > Preferences > Websites tab, click “Pop-up Windows” from the left-hand pane and set “When visiting other websites:” to “Block and Notify.”
- Set your browser NOT to store passwords.
- Chrome: Go to Settings > Passwords and turn off “Offer to save passwords” and “Auto Sign-in.”
- Edge: Go to Settings > Profiles > Passwords > Turn off Offer to save passwords.
- Firefox: Go to Firefox menu > Preferences (Mac) Options (PC) > Privacy & Security > Browser Privacy section. Uncheck “Ask to save logins and passwords for websites”.
- Safari: Go to Safari menu > Preferences > AutoFill tab and uncheck the “User names and passwords” box.
- Disable third-party cookies.
- Chrome: Go to Settings > Privacy and security > Cookies and other site data > Click button by “Block third-party cookies.”
- Edge: Go to Settings > Cookies and site permissions > Cookies and data stored > Manage and delete cookies and site data > Turn on “Block third-party cookies.”
- Firefox: Go to Firefox menu > Preferences (Mac) Options (PC) > Privacy & Security > Content Blocking. Select “Custom” and set Cookies to block “Third-party trackers.” Also place checks to block Cryptominers and Fingerprinters.
- Safari: Go to Safari menu > Preferences> Privacy tab, and select “Block all cookies.”
- Turn off Tracking (for Privacy).
- Chrome: (Privacy Sandbox is in trial development.)
- Edge: Settings > Privacy, search, and services > BALANCED.
- Firefox: Go to Firefox menu > Preferences (Mac) Options (PC) > Privacy & Security > Content Blocking. Check “Always” under “Send websites a “Do Not Track” signal that you don’t want to be tracked.”
- Safari: Go to Safari menu > Preferences > Privacy tab and select “Prevent cross-site tracking.”
Please keep in mind that browser updates may mean unexpected changes to where these settings may be found in different versions of each browser.