I’m asked about security when browsing the Internet on almost a daily basis. You may have accidentally installed some sort of fake antivirus by clicking on a scareware or phishing link. You may have been inadvertently forwarded to a pornographic or shady website. Then again, you may have had your credit card stolen. Regardless of how Internet savvy you are, everyone is susceptible to security flaws when browsing the web.

After writing this post, I realized that it is pretty long. I apologize for the long read, but it really has a ton of great information. Enjoy!

What is a web browser?

Some people still don’t exactly know what a web browser is or what it means to them. Instead of explaining all of this out in technical details, I’m not going to reinvent the wheel. Google posted an awesome short video on YouTube with a quick overview of what a web browser is.

Now, an easy way to tell what web browser you’re using is to go to http://www.whatbrowser.org/en/. It has the same video above, but should automatically detect your browser version and its released date to the left.

How do I secure my web browsing experience?

Now that you know what a web browser is, you should know how to safely use it.

There are several key security aspects when it comes to browsing the Internet. The first is of course your virus and malware protection.

Virus & malware protection

Make sure to always use an up-to-date antivirus program and regularly scan your computer for malware. I personally think that Microsoft Security Essentials is the best free antivirus program available at the moment. Another good anti-malware scanner is Malwarebytes’ Anti-Malware.

Your initial step in securing your browsing experience (as well as your computer in general) is to download an antivirus program and an anti-malware scanner, update their definitions daily, and run a scan of your computer at least weekly. You can find the links to download these applications on our helpful software page.

Use the right browser and secure it!

Most people still use Windows and most still browse the web with Internet Explorer. Virus creators and scammers want to affect as many people possible so they usually target the security flaws in the most popular operating system and Internet browser. Aside from that, Internet Explorer is inherently very insecure. Mozilla Firefox, Google Chrome, Opera, and even Safari are more secure than Internet Explorer when it comes to your browser’s default settings.

Mozilla FirefoxFor 99% of users out there, Mozilla Firefox would be the best choice as a more secure browser to switch to. I tend to prefer Google Chrome to Firefox for speed and other functionality, so we’ll cover the steps for securing either browser for your computer.

Mozilla Firefox

  1. Download Mozilla Firefox here.
  2. Install Mozilla Firefox from the downloaded file (you can usually just accept all of the default options).
  3. After installation is complete, you’ll want to download a few security add-ons for Firefox. Open up your Mozilla Firefox browser if it isn’t already open.
  4. Download and install Adblock Plus here.
  5. Download and install WOT – Safe Browsing Tool here.
  6. Download and install Dr. Web anti-virus link checker here.
  7. Download and install BetterPrivacy here.
  8. Download and install NoScript here.
  9. Next, we’ll want to configure a few settings for Firefox.
  10. In Firefox, on the menu bar, click on “Tools” > “Options” > “Privacy”, and choose “Never remember history” from the drop down menu.
  11. Then, while in Firefox’s Options, click on “Security” and make sure the top three checkboxes are checked for “Warn me when sites try to install add-ons”, “Block reported attack sites”, and “Block reported web forgeries”. Also, make sure that the next two checkboxes are unchecked for “Remember passwords for sites” and “Use a master password”.
  12. Click the “OK” button at the bottom of the “Options” box to save the settings. We’ll go over why I recommend these settings a little later.

Google Chrome

  1. Download Google Chrome here.
  2. Install Google Chrome from the downloaded file and open the program.
  3. Next, we’re going to download some extensions for Chrome which are just like add-ons for Firefox.
  4. Download and install AdBlock here.
  5. Download and install the Browser Button for AdBlock here.
  6. Download and install FlashBlock here.
  7. Download and install Web of Trust here.
  8. Now, in Chrome, click on the wrench icon and then select “Options”. Click on the “Personal Stuff” tab and choose the “Never safe passwords” radio icon under the “Passwords:” section.
  9. Lastly, click “Close” at the bottom of the Options screen to save the settings change.

One last step to beef up the security of your web browser is to run it in Sandboxie.

Sandboxie is a fantastic little program that you can use to open your web browser in a “sandboxed” mode. While running your browser in a sandbox, Sandboxie won’t allow the web browser to write data to your system. Instead, it uses a separate area that Sandboxie creates to protect your system, program, and user files.

Click here to download and install Sandboxie.

Sandboxie taskbar iconSandboxie should have automatically opened after installation. You shouldn’t need to edit any settings within the program, but when you close the Sandboxie window, it will give you a message that the program will continue to run in the taskbar, which is fine for it to do. The taskbar icon for Sandboxie should look like the image to the right.

Sandboxed web browser shortcut
After installation of Sandboxie, you should also notice a new icon on your desktop that looks like the image to the right. Whichever program you have set as your default browser should open up in “sandboxed” mode by double-clicking on this icon.

If your browser doesn’t open for some reason by default, you can edit the desktop shortcut to specify Mozilla Firefox or Google Chrome. To do this, right-click on the desktop shortcut and choose “Properties”. In the properties box, edit the text in the “Target” field from “default_browser” to “firefox” or “chrome” as shown in these two images.
Sandboxed web browser shortcut default propertiesChange the above text to the text below:Sandboxed web browser shortcut for Firefox
Click the “Apply” button and then the “OK” button at the bottom of the properties box and the shortcut should open up your browser correctly now.

To verify that your browser is running in “sandboxed” mode, check for hash tags (#) around the title in the top bar of your web browser as shown below.
Sandboxed web browser tags

By performing these steps and installing these programs and add-ons, your browsing experience should be drastically more secure. The add-ons that we installed for Firefox or Chrome will either inform you of shady links and websites or block ads, flash, and other scripts from running in your browser. Each add-on easily allows you to add certain websites to the “allowed sites” or “whitelist” which will disable the add-on for that site. They also easily have an option to disable the add-on entirely, which I wouldn’t recommend.

Create long, secure passwords or passphrases for your online accounts

This is usually the most difficult step for most people. A good password is key to protecting your online accounts from brute force attacks or easily guessed account access. Unfortunately, no matter how secure your password is, a keylogger can send your password directly to a malicious source. This is why a good antivirus and antimalware program is the first recommendation!

As I mentioned above, we don’t recommend that you save your passwords in your web browser because some spyware can actually retrieve those from your browser’s settings without even needing a keylogger. This is how a lot of accounts become hacked (along with web and email phishing).

There are a couple of ways to go about creating a secure password.

  1. Create passwords with an automatic generator, such as the one here: http://www.pctools.com/guides/password/. I always recommend a password that is at least 8 characters long and that has a good mix of letters and numbers, as well as special characters.
  2. Create a long passphrase that is easy for you to remember.

    Because of the additional length of a good passphrase, the need for numbers and special characters decreases. A good way to create a passphrase is to use a sentence as your password, such as the following examples:

    • MyfavoriteplacetoeatisatAblyAsianinJasper!
    • IthinkVincentVanGoghisthebestpainterever!

    As you can see in the examples, these passphrases are both 42 characters long! They also use upper and lower case letters and has an ending punctuation, which is natural for the sentence and is easy to remember.

Some sites won’t allow passwords above a certain length, so in those cases, I would use a randomly generated password. For better security though, try using a long passphrase wherever possible. I will be going over passwords in the next 2 Minute QuickTips screencast, which should be uploaded this weekend!

I know this blog post has been a long read, but I really wanted to give as much detail and instruction as possible to help secure your online browsing experience. As always, if you ever need help with anything we cover in our posts, or if you have other questions, contact us today!