How to lock down your web browser security

They shall not pass.

TODO alt text

These days we all spend a lot of our computing time peering through web browser windows, which means these programs are some of the biggest targets for hackers and malware. The good news is, keeping your browser safe and secure isn't too difficult a task.

You don't have to spend a whole afternoon or evening putting up the defences in your browser of choice, but it is worth spending a few minutes to make sure everything is locked down - follow these guidelines to minimise your risk of getting caught out online.

Update your browser

You might not have realised it, but modern browsers are packed with security features designed to stop you from visiting dodgy websites and to prevent sites from taking control of your computer. To make sure these features are always present and correct, and guarding against the latest threats, keep your browser software updated.

Applying updates is in fact so important that most browsers make it very hard not to be running the latest version of the software, with patches and bug fixes applied in the background most of the time.

If you want to make sure you're running the latest version of your browser, open up the browser menu and choose Help then About Google Chrome (Chrome) or Help then About Firefox (Firefox). Updates for Microsoft Edge and Apple Safari are handled together with updates for the OS as a whole.

Look for the green padlock

When you see a green padlock in the address bar of your browser, that means you've opened a site that uses HTTPS - simple speaking, the more secure version of the HTTP standard that most websites use.

Among the extra security measures that HTTPS brings with it is a method for checking that you really are connected to the site that you think you are. What's more, it encrypts data as it travels between your computer and the website, so someone sat behind you in a coffee shop can't intercept the information being sent.

You should make sure you can see the HTTPS green padlock whenever you're entering sensitive information into your web browser, and many sites, from banking sites to social networks, now use it by default.

Cut down on the extensions

Browser extensions can be very useful, but they also tend to be granted some pretty sweeping permissions regarding what they can do with the websites you visit and anything you type into your browser.

Most of the browser add-ons you've installed are probably perfectly safe, but it's a good idea to stick to the ones you're use regularly and trust, and get rid of the extensions that have become outdated or that you don't open much any more. There should be an option to do this somewhere inside your browser's settings screen.

As an added bonus, you might find your browser running that little bit more smoothly and more quickly once you've got rid of a few add-ons that were just taking up space.

Protect your online accounts

This isn't specifically related to your browser, but there are a host of ways you can keep your online accounts safe, from making sure you use different passwords on each one, to always logging off when using public computers.

If two-step authentication is offered, where you need a username, a password and a mobile code to gain access on a new device, take advantage of it. It's available on most major online accounts, including those from Apple, Google, Microsoft and Facebook.

Many accounts also have a feature where you can review recent logins for suspicious activity. On the Facebook site, for example, click Settings from the drop-down menu on the toolbar, then pick Security and login from the menu on the left.

Protect your Windows and macOS accounts

You probably have your browser set to remember all your passwords and other login details, and there's nothing wrong with that, but it also means that anyone who opens up your browser can then jump straight into Facebook, Twitter and so on.

To stop this from happening, make sure you and anyone else who uses the computer are given separate, password-protected user accounts. That should be enough to stop anyone from casually wandering by, picking up your laptop, and making off with access to all of your personal accounts.

Make sure the password lock screen appears after a set period of inactivity too - on Windows you need to open Settings then go to Accounts and Sign-in options (to force a password prompt); and then System and Power & sleep (to set the sleep time-out). On macOS, head to Security & privacy from System Preferences.

Install a VPN

VPNs, or Virtual Private Networks, add an extra layer of security to your browser, essentially creating a secure, encrypted tunnel between you and the websites you visit. They're especially useful when you're on public Wi-Fi in coffee shops and hotels.

We don't have space for a full VPN round-up here but this article should give you a few ideas. It's worth paying a small fee every month for your service, as free options tend to be slow and not quite as secure as premium-level ones.

VPNs are less important on a home network, but wherever you use your computer, they make it harder for hackers to intercept the sites you're visiting and to spy on the data you're entering into your browser.