Not all browsers offer the exact same extensions, but Google Chrome and Mozilla Firefox are the two most popular browsers, and the ones I focus on here. (Most Chrome extensions will also work with Microsoft Edge, Brave, Opera, and Vivaldi, though we haven’t fully tested them.) Of the two, I recommend Firefox if you prioritize privacy, as it’s much more focused on privacy out of the box compared with Chrome. Regardless of which browser you use, a pack of extensions can increase your privacy by decreasing your exposure to trackers, as well as have the welcome side effect of boosting your security. I’ve included links for both Chrome and Firefox, along with alternatives to our favourites, if they exist.
As for other browsers, Apple’s Safari isn’t bad when it comes to privacy, but it lacks wide support for popular browser extensions. Edge is based on Chromium and will work with the bulk of the Chrome extensions in this article, but Edge has its share of privacy issues. Brave is one of the more popular privacy-first browsers, but even it isn’t free of privacy-related controversies. The Tor Browser is the go-to for anonymity, especially in censored countries, but it’s unusable for most people as a daily browser. Dozens of other lower-profile browsers exist, but few get the security updates and support that most of us need in the software we use all day.
Ad blocker: uBlock Origin
Ad blockers are browser extensions that block intrusive pop-ups, invasive trackers, and malicious ads. You have a lot of options for different ad blockers, but I’ve always found that uBlock Origin doesn’t hog system resources (an assumption others have confirmed), nor does it block so much that it ruins a site’s layout and functionality. I also like how easy it is to disable uBlock Origin on a case-by-case basis, either to allow ads on sites that aren’t annoying or to temporarily enable features uBlock tends to break, like comments sections.
Alternatives: I’ve found that AdBlock, AdBlock Plus, and Ghostery all have steep learning curves or poor performance, but some people prefer them to uBlock Origin. If you want to go hard on ad blockers and kill every ad from every device on your home network, you can build a tiny computer dedicated to just that using Pi-hole software.
Tracking blocker: Privacy Badger
In conjunction with uBlock Origin, consider also running Privacy Badger, an extension designed to block tracking tools, the scripts that tend to record your visits and build profiles based on the websites you view. Privacy Badger learns as you browse, which means it might catch more trackers than running uBlock Origin alone.
Alternatives: If you want to learn more about the trackers on the sites you visit, Disconnect can provide more detailed information, but it can be a bit overwhelming. Firefox has a built-in feature (powered by Disconnect) to block trackers, but some may get through, so we still recommend an extra add-on.
Secure connections: HTTPS Everywhere
See the little lock icon in your browser’s URL bar? That shows that this site uses HTTPS, a more secure version of HTTP (which is just the way your web browser and websites send information back and forth). HTTPS Everywhere forces your browser to go to the secure URL of a site, even if you click a link that doesn’t direct you there. According to Let’s Encrypt, the vast majority of US sites now use HTTPS, but for the time being I still recommend using HTTPS Everywhere as a fail-safe (though this may change).
Local resources: Decentraleyes
Login protection: Use a password manager
A password manager is the first step to protecting your online accounts. Password managers are usually accessed through a browser extension that generates, stores, and fills your passwords as you browse the internet. This makes it easier, faster, and more secure to log in to websites. We like 1Password and Bitwarden. Most browsers can also save and fill passwords without a dedicated password manager, but they often don’t work across all operating systems (including your phone), or provide tools to securely generate or share passwords. A dedicated password manager is better at warning you about weak or compromised passwords.
Firefox Multi-Account Containers
As the name suggests, Firefox Multi-Account Containers is a Firefox-only extension, but I’ve found it useful while working from home on my personal computer full time. Essentially, Multi-Account Containers lets you create separate storage containers for different types of browsing—such as work, personal, social media, and shopping—so your web-browsing behavior doesn’t get tracked across sites as easily. In my case, my Google Account for work is siloed off from everything else I do. This prevents me from being accidentally logged in to work email or bombarded by ads for bear canisters because I’m researching the VPN provider TunnelBear. I used to do this by running different browsers—one for work and one for personal stuff—but now I can do it all in Firefox.
Alternatives: Temporary Containers works similarly to Multi-Account Containers but offers more ways to customize how the containers function. Facebook Container is essentially a streamlined version that isolates only Facebook, typically the worst offender for tracking your browsing. If you don’t want to futz around with a bunch of different settings, Facebook Container is a great option for cutting off only your Facebook use.
- Use a VPN: The browser extensions above hide the bulk of your activity while browsing, but a virtual private network (VPN) can add another layer of privacy by routing your traffic through a secure, encrypted connection. This prevents your internet service provider from seeing your online activities. VPNs can also change your location and IP address, making it more difficult for other parties to track you over time (though an untrustworthy company may still leak or monitor that data).
- Enable DNS over HTTPS (DoH): Web browsers are rolling out support for DoH, a protocol that increases privacy by encrypting DNS, which makes it much more difficult for someone—your internet service provider included—to snoop on your web browsing. ZDNet has a guide for enabling DoH in most modern browsers. (Although, if you use a trustworthy VPN, it’s redundant to have DoH enabled in your browser.)
- Change your default search engine: It’s no secret Google tracks everything you do and then uses that information to serve up ads. Alternatives like DuckDuckGo and Startpage work well, and they don’t store your personal information or search data. Here’s how to change your search engine on Chrome or Firefox. You may still need to visit Google for some searches, but the less you use it, the better.
There are many layers of privacy protection, and how deep you want to go with it depends on what’s important to you. If you’re interested in more advanced privacy protections because you want to keep your data out of the hands of government or law enforcement, I recommend reading the Electronic Frontier Foundation’s guide to using the Tor Browser, checking out the Tails operating system, or digging into PrivacyTools’s Firefox configuration tips. Plenty of other extensions exist if you want to take things further, including NoScript, Cookie AutoDelete, uMatrix, and CanvasBlocker. They tend to make general web browsing a pain, though, so I recommend them only for advanced users.
Thorin Klosowski is the editor of privacy and security topics at Wirecutter. He has been writing about technology for over a decade, with an emphasis on learning by doing—which is to say, breaking things as often as possible to see how they work. For better or worse, he applies that same DIY approach to his reporting.