How to improve browser security and privacy in Chrome and other browsers

Browsers are one of the main ways people access email, cloud platforms, banking, online documents, support portals, and day to day websites. Because of that, browser privacy and security are not only about blocking obvious threats. They also affect what websites can learn about the browser, what permissions a site receives, what downloads are allowed, and how much information may be exposed during normal browsing.

This guide explains how browser protections work in Chrome and other browsers, what they help reduce, where their limits remain, and why browser fingerprinting, extension visibility, and device telemetry now deserve more attention. It is designed as an explanatory guide first, with practical checks later in the page.

This matters because browsers often sit in the middle of a wider security chain involving DNS, online accounts, cloud services, downloaded content, and user decisions.

The sections below cover the main browser security and privacy topics discussed in this guide. Use the links to jump to the part most relevant to your question.

• How browsers expose information to websites
• What can go wrong even when the browser is updated
• Why browser extensions can affect both security and privacy
• A recent example of browser extension and device data collection
• How browser protections help
• What Secure DNS and DNS filtering do
• What browser protections do not do
• Practical browser security and privacy checks
• Why this matters for real accounts and services
• Periodic review is still necessary
• FAQ
• Further Guidance and Support

When a browser opens a website, it does more than simply display a page. It exchanges technical information needed to render content, run scripts, store site data, handle language preferences, manage permissions, and connect to other services involved in the page. Some of that behaviour is normal and necessary. Without it, many websites would not function properly.

The important point is that privacy is not only about obvious tracking banners or visible cookies. A browser can reveal information through its settings, supported features, storage behaviour, screen related details, language choices, time zone, and installed components. Even when a browser is updated and working normally, websites can still observe parts of the environment they are interacting with.

Some of these signals exist for compatibility and performance reasons rather than tracking alone. The privacy concern begins when those signals are combined, stored, or used to make one browser more distinctive than another.

Keeping the browser updated is still essential, but an updated browser is not private by default. A secure browser can still allow unnecessary permissions, carry too many extensions, expose a distinctive set of browser signals, or permit more data collection than the user realises.

This matters because browser privacy risk is often quieter than malware or obvious phishing. Nothing may appear broken. A site may simply learn more about the browser and device than the user expects. That can contribute to a more distinctive profile of the person visiting the site, especially when combined with account logins, cookies, or repeated visits.

This is why browser privacy cannot be judged only by whether the browser is fully patched.

Browser extensions are often discussed only as a security issue. That is still important. Unnecessary, poorly maintained, or untrusted extensions can widen attack surface, read page content, interact with websites, and introduce new weaknesses.

But extensions can also affect privacy in a different way. A large or unusual extension set can make a browser more distinctive. In practical terms, that means the browser may stand out more from other users. Even when an extension is not malicious, its presence may still contribute to how identifiable the browser becomes. That is one reason why a smaller, more deliberate extension set is usually better than treating the browser as a place to install every convenience tool available.

Extensions can also introduce trust questions around who maintains them, what permissions they request, how often they are updated, and whether they still need the access they were originally granted.

A useful recent example comes from a public report that raised concerns about claims that a LinkedIn related script checked for 6,236 Chrome extensions and gathered device related details such as CPU core count, available memory, screen resolution, time zone, language settings, battery status, and storage related information. The same report also says LinkedIn stated that such checks were used to detect scraping related extensions rather than to infer sensitive information.

The value of mentioning that report is not to turn this page into a reaction article. The value is that it gives a real example of why browser privacy should be treated as more than a cookie question. It shows how extension visibility and device characteristics can become part of a wider browser fingerprinting discussion.

Modern browsers include controls that affect how websites connect, what content is allowed to run, what permissions a site receives, and whether suspicious behaviour is blocked or limited. These controls do not make browsing risk free, but they can reduce exposure and make some deceptive or unsafe behaviour less effective.

In practical terms, browser protections may include safe browsing or phishing protection, secure connection warnings, site permission controls, download scanning, password and passkey support, privacy settings, and update mechanisms. These are useful because they reduce unnecessary exposure during ordinary browsing, even though they do not solve every privacy or security problem on their own.

When a browser opens a website, one of the early steps is resolving the site name into an address the device can use. Secure DNS helps protect that step by sending DNS lookups through an encrypted method rather than leaving them more exposed to interference or inspection on the local network path.

This does not replace every other security control, but it can improve privacy and help reduce certain risks around DNS requests. In practical terms, Secure DNS can be combined with a trusted DNS provider so that the browser is not only using encrypted lookups, but also benefiting from the provider’s filtering policies where those are available.

Secure DNS and DNS filtering can reduce exposure to some malicious destinations and improve privacy on the DNS lookup path, but they do not stop a website from running scripts in the browser once the page has loaded. That means they are valuable protections, but only for part of the browsing chain.

Browser settings are useful on their own, but they become stronger when combined with a filtering DNS service. This is where services such as NextDNS or Cloudflare can add value.

A DNS filtering service can help block access to known malicious domains, phishing pages, deceptive advertising networks, trackers, or other unwanted destinations before the browser fully loads the content. That does not mean every harmful page will always be blocked, but it can reduce exposure earlier in the connection process.

This is a good example of layered security. The browser has its own protections. The DNS layer can add another filter. Account security measures such as strong passwords, multi factor authentication, and security keys still remain separate and important.

NextDNS can be useful because it allows a more tailored filtering policy than the default settings built into many browsers or networks. Even the free version can still provide meaningful extra filtering, especially for people who want more control over what is blocked and what is allowed.

In practice, a NextDNS profile can help improve protection by adding filters for malicious domains, phishing sites, trackers, and other selected categories. It can also create more consistent protection across different browsers and devices, because the filtering logic sits outside the browser itself.

That point is important for the page. The value is not only in Google Chrome. A configured DNS filtering service can support Chrome, Edge, Firefox, and other browsers, helping to improve the overall browsing environment rather than relying on one browser’s built in choices alone.

Google Chrome is a common starting point because many people use it, but similar security and privacy settings also exist in Microsoft Edge, Mozilla Firefox, and other modern browsers. The names and layout may differ slightly, but the main ideas are usually very similar.

This matters because the guide should not imply that only one browser can be hardened properly. A person may prefer Edge at work, Firefox at home, or Chrome across several devices. The practical approach is to understand the types of controls that matter, then look for the equivalent settings in the browser being used.

Browser protections can reduce exposure during everyday browsing, but they do not solve every security problem on their own. They should be understood as one layer within a wider security approach.

On their own, they do not:

• • guarantee that all malicious websites will be blocked
  • replace software updates
  • replace anti malware or endpoint protection
  • replace strong passwords or multi factor authentication
  • directly secure an account in the same way as identity controls
  • remove the need for periodic review

A more accurate way to describe the benefit is that these controls can reduce exposure to harmful websites, phishing pages, trackers, and other unwanted domains, which helps lower risk during normal browsing.

Browser protections do not necessarily prevent websites from attempting browser fingerprinting or observing technical characteristics of the browsing environment. Privacy settings can reduce some forms of tracking without making browser identification impossible. Secure DNS helps protect DNS lookups, but it does not stop site side scripts from running once the page loads in the browser.

A sensible review does not require changing every setting. The aim is to confirm that the main protections are active and that unnecessary permissions are limited.

Many important systems are now reached through a browser, including Microsoft 365, Google Workspace, banking, business portals, support platforms, and document services. The browser is often the visible part of a wider chain involving DNS, websites, identity systems, downloads, and user decisions.

Improving browser settings and using a filtered DNS layer does not solve everything, but it can make common web based attacks, misleading prompts, unsafe permissions, and unnecessary exposure less likely during normal browsing. That is why browser privacy and browser security deserve to be reviewed together rather than treated as two separate topics.

This page should not be treated as a one time permanent checklist. Browser interfaces change, security features evolve, and the right settings can vary depending on whether the browser is used on a home device, a business laptop, or a managed environment.

For that reason, browser settings, extensions, permissions, and DNS filtering choices should be reviewed from time to time. Layered security remains the right approach. Browser settings are one layer. DNS filtering is another. Identity protection, software updates, email security, and endpoint protection remain separate layers that still matter.

Sometimes they may be able to infer or detect parts of the extension environment, depending on browser behaviour, available resources, and how the website interacts with the browser. That is one reason extension review matters for privacy as well as security.

Browser fingerprinting is the practice of combining technical characteristics of a browser and device to make that browser more distinctive. It is different from a simple cookie because it relies on observable browser behaviour or configuration rather than only stored identifier data.

No. Cookies are small pieces of stored site data. Browser fingerprinting refers to identifying or distinguishing a browser by combining signals such as settings, supported features, display information, language, time zone, and other characteristics.

In this context, device telemetry means technical details a site may gather or infer about the environment it is running in, such as memory related information, display characteristics, time zone, or language settings. Not every such signal is malicious, but together they can contribute to a more distinctive browser profile.

Not completely. Privacy settings can reduce some forms of tracking and unnecessary site access, but they do not guarantee that a website cannot observe technical characteristics of the browser environment.

No. Secure DNS can help protect DNS lookups and improve privacy on that part of the connection path, but it does not stop site side scripts from running once the page loads in the browser.

Usually yes. A smaller extension set reduces attack surface and may also reduce how unusual the browser appears compared with a heavily customised setup.

Private browsing can reduce some local storage persistence and some routine browser residue, but it is not a complete privacy shield. It does not make the browser invisible to websites.

Yes. Updates are still essential for security, but an updated browser can still expose technical information, permissions, and configuration related signals during normal browsing.

Browser hardening can reduce unnecessary exposure, improve resistance to common threats, and limit weak configurations. It does not replace software updates, endpoint protection, strong account security, filtered DNS, or careful user decisions. It is one layer in a broader security approach.

Yes. Browsers are part of layered security because they often sit between the user, the website, online accounts, cloud services, downloads, and browser based identity sessions. Browser settings, extension controls, Safe Browsing, Secure DNS, and sign in behaviour can all affect how much risk is reduced during normal use.

This guide forms part of a broader layered security approach. For structured guidance on security and resilience planning, see our Security and Resilience page.

For information about practical implementation and ongoing support, you can review our IT services and local IT support coverage across London, Hertfordshire, and Essex.

Return to all guides

Author
Elías Sánchez
IT Support Consultant
Evening Computing
London, United Kingdom

This guide was prepared by Elías Sánchez with research and drafting assistance from AI tools. All technical content has been reviewed and adapted for clarity and accuracy.

Last reviewed
17 April 2026