A Chromebook is already an ultra-secure computer straight out of the box. Because it doesn’t run a traditional operating system and takes advantage of various Google-powered security measures, Chrome OS is well-guarded against the evils lurking out there on the web.
But you can always do more, particularly if you want to minimize traces of your Internet wanderings, or prevent your every online action from contributing to an advertising profile.
You may share a Chromebook with others or desire a setup that’s impervious to the latest security threats. Perhaps it’s time for a little de-Googling in your life, as the Mountain View giant can collect a lot of information about you.
Whatever your reasons, here are some ways to fortify your Chromebook’s security structure.
Own your Google security
Chrome OS benefits from Google’s ongoing security efforts to identify malicious websites and sandbox each browser tab so one site can’t take down your whole computer.
Good security starts with you and how you manage your own data. In this case, it means ensuring that you’ve properly secured your own Google account. Because it’s the major gate to your Chromebook, you should have a solid password and use Google’s two-factor authentication. This generates a text message or a code through the Google Authenticator app that is required for any new login.
In your Chromebook settings, you can tweak a number of different features. For maximum security, restrict sign-in to just your account (below).
This means no one else can sign in and use your Chromebook. Nosy relatives or miscreant youth will be denied at every turn.
If others are determined to use your Chromebook, you can at least assert a little more control. Create a supervised profile that lets you see which websites have been visited by other profiles, block extensions, and change other settings. To do this, go to Settings > Manage other users > Enable supervised users.
Furthermore, if you’re going to loan your Chromebook to someone else or plan to resell it, there’s a very easy method to wipe off your data. Use the Powerwash feature in Settings > Show Advanced Settings > Powerwash.
Leave no trace
You’ve probably had the experience of checking out, say, a new tent on Amazon, and then suddenly ads for that sleeping shelter appear on every site you visit.
You can stop the madness. Consider a VPN if you want to mask your browsing from your internet service provider or other prying eyes. TunnelBear is an excellent option for the Chromebook for a couple of reasons.
First, TunnelBear offers a Chrome extension, whereas many other VPNs require a client for Windows or macOS. Additionally, Chromebooks with the Google Play Store can install the TunnelBear Android app.
Another avenue to explore is a privacy-focused extension like Privacy Badger, an extension from the Electronic Frontier Foundation. The extension blocks trackers, though you’re able to accept some cookies or whitelist specific sites. From time to time I’ve found that it can make a site’s performance a little wonky, so expect to hit a few bumps on the road.
Another helpful extension from the EFF privacy advocates is HTTPS Everywhere. Once you install this to Chrome, the browser will force a secure connection to all the sites you visit on the Web. Even though Google and others have made a huge push to make HTTPS the default connection, nonsecure sites persist.
Also, keep a careful eye on your extensions. Google has been busy recently ramping up the security it does in vetting the extensions you can install in Chrome. However, it’s best to stick to extensions from reputable companies. Check the reviews in the Chrome Web Store as well to see what others have to say.
Back off on the Google
Maybe you want to give Google a little less information to go on about you (all those details can lead to some interesting results). One solution is to switch your default search provider to DuckDuckGo. It’s a privacy-focused search engine that doesn’t track your search history.
To do this, go to DuckDuckGo, right-click in the address bar, and select Edit Search Engines. Then from the list of search engines, click the Make default button next to DuckDuckGo. Now when you type a search query in Chrome, it will be powered by the quacky search engine that keeps your secrets safe.
Chrome’s Guest Mode enables you to browse with Chrome without attaching any of the history to your Google account. All you need to do is sign out of your current session and log in as a guest. It’s perfect for when you don’t want your browsing history to follow you around for all time.
You can further minimize Google’s hold on your personal information by turning off autofill and automatic sync in Chrome. While the autofill feature is definitely convenient, you may not want to have this feature ready to put in your name, address, email, and more in online form. Killing off sync means your search history and other preferences will remain local to that machine.
Go to Settings > Advanced Sync Settings and uncheck the Autofill box. If you like the convenience of synced data and passwords, but just don’t want to give it to Google, consider a password manager.
To go deep into the privacy woods, you can switch up your DNS server to a provider that won’t log or retain these lookups. By default, your administrator or Internet service provider may retain this information.
To change the DNS settings on your Chromebook, first head to the the Chrome menu, choose Settings > Internet Connection , then click your network name.
Then head to the Network tab and choose Custom name servers. You can enter in the following details from DNS Watch, which advocates for data privacy. Enter 22.214.171.124 for server 1, and 126.96.36.199 for server 2. Choose Disconnect. Then, select the network again and choose Connect. This will change the switchboard from sending your traffic through your ISP.
While your Chromebook is already about as secure a computer as you can get, it can’t hurt to go the extra mile. with a few strategic moves, your Chromebook will be impervious to the wild woods of the web.