10 Browser Privacy Settings You Should Change Right Now

Why Default Browser Settings Are Privacy-Hostile

Popular web browsers like Google Chrome, Microsoft Edge, and Apple's Safari are built by corporations that rely on digital advertising or ecosystem lock-in. Default settings are systematically optimized to maximize telemetry, simplify cross-site tracking, and encourage data collection, which is then fed into data brokers' massive behavioral profiles. These defaults act as silent leaks, broadcasting your unique hardware parameters, browsing history, and online actions to ad networks. Fortunately, you can audit and modify ten critical configurations to secure your browser in under ten minutes.

1. Block Third-Party Cookies

Third-party cookies are small identifiers set by domains other than the one you are actively visiting, such as the Facebook Pixel or Google AdSense. As you navigate the web, these ad networks read the cookie to link your sessions, allowing them to construct a detailed timeline of your medical searches, financial research, and hobby interests.

To disable these cookies in Google Chrome, navigate to Settings → Privacy and security → Third-party cookies and select Block third-party cookies. In Mozilla Firefox, go to Settings → Privacy & Security → Enhanced Tracking Protection and select Strict. This change cuts off the most prevalent method of cross-site tracking across the internet.

2. Disable Telemetry and Data Sharing

Browser vendors collect crash reports, interface usage patterns, active extension lists, and hardware configurations under the guise of improving user experience. However, these data streams are frequently tied to unique browser installation identifiers, creating a software-level signature that can easily be correlated with your IP address and real identity.

To turn off telemetry in Google Chrome, navigate to Settings → You and Google → Sync and Google services. Under Other Google services, disable the toggles for Help improve Chrome's features and performance. In Mozilla Firefox, open Settings → Privacy & Security, scroll down to Firefox Data Collection and Use, and uncheck all boxes.

3. Enable Encrypted DNS (DNS-over-HTTPS)

Standard DNS queries are sent in cleartext, meaning every network hop between your machine and the recursive resolver can read the exact website address you visit. This allows your ISP or public Wi-Fi eavesdroppers to log your browsing activity. DNS-over-HTTPS (DoH) encrypts these requests within standard HTTPS traffic, hiding your queries from external snooping.

For Google Chrome, navigate to Settings → Privacy and security → Security. Under the Advanced section, enable Use secure DNS and select Cloudflare (1.1.1.1) or NextDNS. In Mozilla Firefox, open Settings → Privacy & Security, scroll to DNS over HTTPS, select Max Protection, and choose Cloudflare or NextDNS.

4. Turn Off Autofill for Addresses and Credit Cards

Browser autofill remembers your name, physical addresses, phone numbers, and payment details for convenience. However, compromised third-party advertising iframe containers can inject invisible input fields into a web page. When you use autofill to enter your name on a visible form, the browser quietly populates these hidden fields, leaking sensitive billing data.

To prevent this in Google Chrome, go to Settings → Autofill and passwords and turn off toggles in Payment methods and Addresses and more. In Mozilla Firefox, access Settings → Privacy & Security, scroll to Autofill, and deselect the checkboxes for autofilling addresses and credit cards.

5. Disable Page Prefetching (Preloading)

Page prefetching speculatively downloads the assets of speculative links you are likely to click next in the background. If those pages contain tracking scripts, cookies, or beacons, your browser loads and executes them anyway. This means you are constantly making network connections and receiving tracking cookies from websites you never actually chose to click.

In Google Chrome, go to Settings → Privacy and security → Performance and change Preload pages to No preloading. In Mozilla Firefox, enter about:config in the address bar, bypass the warning, search for the preference network.prefetch-next, and toggle its value to false. Also set network.dns.disablePrefetch to true.

6. Audit and Revoke Site Permissions

Websites frequently request persistent access to system resources, including your location, camera, microphone, and notification system. Compromised or malicious sites can abuse these active permissions to track your physical movements, capture environmental media, or bombard you with deceptive notifications designed to mimic system errors.

To clean up these permissions in Google Chrome, navigate to Settings → Privacy and security → Site settings. Review default behaviors and change location, camera, and microphone permissions to Don't allow sites to.... In Mozilla Firefox, visit Settings → Privacy & Security, locate Permissions, and check the boxes to block new requests.

7. Disable WebRTC Peer Connections

WebRTC enables real-time peer-to-peer audio and video calls directly within the browser. However, to establish direct connections, WebRTC must query the client's internal network interfaces via STUN servers. This process bypasses standard operating system routing tables, leaking your actual local LAN and WAN IP addresses even when an active VPN is connected.

Because Google Chrome has no built-in UI toggle for this, you must install a trusted extension like AdShield Pro to block WebRTC leaks. In Mozilla Firefox, navigate to about:config in the URL bar, search for media.peerconnection.enabled, and double-click the setting to toggle its value from true to false.

8. Force HTTPS-Only Mode

Unencrypted HTTP connections send all traffic—including HTML code, cookies, and typed credentials—in cleartext, making them highly vulnerable to Man-in-the-Middle (MitM) attacks. HTTPS-Only Mode ensures that your browser refuses to establish unencrypted connections, automatically upgrading all HTTP requests to TLS-secured HTTPS.

To enforce this in Google Chrome, go to Settings → Privacy and security → Security and toggle on Always use secure connections. In Mozilla Firefox, open Settings → Privacy & Security, scroll to the bottom, and select the radio button to Enable HTTPS-Only Mode in all windows.

9. Turn Off Search Suggestions

When you type a query into the address bar (Omnibox), your browser transmits every single keystroke to your default search engine in real time. This behavior allows search companies to log your queries as you formulate them, capturing typos, accidentally pasted passwords, and personal inquiries even if you never press the "Enter" key or complete the search.

To stop this keylogging in Google Chrome, open Settings → You and Google → Sync and Google services and toggle off Autocomplete searches and URLs. In Mozilla Firefox, go to Settings → Search and uncheck Show search suggestions ahead of address bar results.

10. Install AdShield Pro for Advanced Protections

While standard browser settings secure your browser's baseline architecture, they do not block active tracking scripts that execute within a web page's JavaScript environment. Trackers use advanced fingerprinting APIs—such as canvas rendering, audio contexts, and font enumerations—to identify your machine without cookies.

To defend against these advanced threats, install AdShield Pro. AdShield Pro operates at the application layer, using advanced network filtering engine technology and strict cosmetic rulesets to block tracking scripts, remove intrusive advertising elements, and spoof fingerprinting vectors before they can execute.

AdShield Pro blocks ads, trackers, and fingerprinting scripts — free for Chrome, Firefox, and Edge. Install now.