Chrome privacy settings on Windows: Medium level

Learn how to change your privacy settings on Chrome using Windows. These steps adjust your privacy and security settings to Medium level protection.
Kaspersky Lab
07.12.2021
15 minutes
Change settings
Privacy level
Choose
Platform
Choose
What are we setting up here?
Choose
ApplyCancel

Check your Google account settings

open all


Protect your Google account

If you use Chrome with a Google account, the safety of your data in the browser depends directly on your account’s security. Therefore, check your Google account settings in addition to your browser settings.


How to protect yourself from malicious websites and programs

open all


Run a safety check

What for: To detect and solve security problems.

Chrome can run a special check to detect password breaches and unsafe extensions, determine whether your browser is up to date, and enable warnings about malicious websites:

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. Go to the Safety check section;
  4. Click Check now.

Keep in mind that the browser only runs a basic safety check and does not scan your computer for malware. Use an antivirus to protect your device.

Choose a security level

What for: To find a balance between privacy and security.

Chrome can automatically detect phishing sites, monitor password breaches, and use other security mechanisms. However, a stricter security policy means developers will get more data about your system and Internet use. For instance, Google may learn which sites you visit, get samples of the files you download, data about your system, and other information. To choose a security level:

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. Go to the Privacy and security section;
  4. Select Security.
  5. If you do not want to share extra information with Google, click Standard protection. The browser will then check the URLs of the pages you visit against a list of malicious resources and warn you about hazards. A site’s address and samples of its content will only be sent to Google in the event that you download a malicious file or the site tries to steal your password. You can turn on enhanced data collection if you wish, or you can decline it:
  6. Click Help improve security on the web for everyone to let Chrome send the URL and a portion of the content for both malicious sites and other potentially suspicious resources you view to its developers. If the browser discovers unsafe software on your computer, it will send file samples and system registry entries to Google. This information is used for improving security so Chrome learns to identify threats more accurately.
  7. Click Warn you if passwords are exposed in a data breach and Chrome will check the passwords you save in the browser against a list of stolen ones from time to time. In order to perform the check, the browser encrypts your login credentials and sends them to Google.
  8. If you prefer safety to privacy, you may want to share all the data the developers need to enhance security. Then choose Enhanced protection, and the browser will monitor password breaches and send some items to be checked, such as the addresses of some of the pages you visit, samples of content and downloaded files, information about extension activity, and system data.

You can also turn Chrome protection off completely, but we do not recommend deactivating the browser’s built-in security features.

Turn on DNS request encryption

What for: So attackers cannot redirect you to a malicious website.

To load a site, the browser needs its IP address, for example, 172.217.18.100. However, remembering a sequence of numbers like this is inconvenient, so the Internet uses a domain name system (DNS). This allows to identify website IP addresses by their alphabetic names. So instead of 172.217.18.100, you can type google.com and end up on the same page. When you type a site name, the browser sends a DNS request to a special server, and it send back the corresponding IP address.

Attackers can intercept this request and replace the server’s response with another IP address, for instance, that of a malicious website. Attacks like this are often used to redirect the victim to a fake page and steal their account password or bank card details. Chrome allows you to encrypt DNS requests, which prevents scammers from intercepting them. To turn on the encryption:

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. Go to the Privacy and security section;
  4. Select Security;
  5. Scroll down and enable Use secure DNS.

Check your computer for malware

What for: To protect the browser from threats.

Chrome can scan your device for malware sand riskware, such as advertising software that secretly changes your startup page. By default, the browser automatically checks your computer once every few days, but you can launch a scan manually at any time.

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. In the menu on the left, click Advanced and go to the Reset and clean up section;
  4. Select Clean up computer.
  5. If you do not want to share scan results and your device information with the developers, clear the box next to Report details to Google about harmful software, system settings, and processes that were found on your computer during this cleanup;
  6. Click Find and wait for the scan to be completed.

Keep in mind that Chrome only detects the programs which negatively affect its performance, for example, by changing your home page to a website with ads. The browser is not designed to protect against ransomware, banking trojans, and many other forms of malware, so it cannot be used instead of an antivirus.

Check website permissions

What for: To revoke unwanted website permissions

Website developers can request permission to access some of your browser’s and computer’s capabilities. For example, a technical support page can request access to your microphone to enable voice chat with an expert. However, attackers can use that maliciously, for example, to bombard you with notifications featuring ads. Check your list of permissions and revoke unnecessary ones from suspicious websites.

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. Go to the Privacy and security section;
  4. Select Site Settings;
  5. In the Permissions list, click Additional permissions to see all the options.
  6. Select each permission one by one, and click the trash can icon to the right of the website name;
  7. If you do not want any website to ask for a particular permission, turn off Ask before accessing.

Limit the use of cookies

What for: So that site developers do not know too much about you.

When you visit a website, a small file gets saved on your computer. It contains information about the system and your actions on the page. Known as cookies, these files are used by website developers to identify visitors and display personalized ads. They can contain your username or a list of items in your cart, for example. In the browser settings, you can restrict how websites use cookies.

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. Go to the Privacy and security section;
  4. Click Cookies and other site data;
  5. Choose the kind of cookies websites can use:
  6. Allow all cookies — sites will be able to use any cookies without restrictions;
  7. Block third-party cookies in Incognito — when you open a page in incognito mode, advertisers that have banners there will not be able to track your activity; However, website developers will still receive this information;
  8. Block third-party cookies — advertisers that have banners on a page will never be allowed to track your activity;
  9. Block all cookies — stop all sites from using cookies.

Downside: Having to manually enter your credentials and configure the settings each time you visit a website.


How to hide your data from prying eyes

open all


Stop previously visited sites from opening when the browser starts

What for: To keep the websites you have visited private.

When you start Chrome, it can automatically restore the websites from your previous session. This may be convenient, but if you are in a public place, other people might see sensitive information that you prefer to keep private. To avoid awkward situations, disable this feature:

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. Go to the On startup section.
  4. Select Open the New Tab page if you want to start with an empty page.
  5. Select Open a specific page or set of pages to manually enter the addresses of the websites you want to see when the browser starts.

Downside: You will have to open the websites you were visiting before closing the browser manually if you want to go on using them.

Use incognito mode

What for: To leave no tracks.

The browser usually saves information about the pages you visit, the passwords you enter, the permissions you give, and some website data. If you want to hide these — for example, when using someone else's computer — browse in incognito mode Chrome will delete all passwords, browser history, and site data immediately after you close all program windows launched in incognito mode.

To turn on incognito mode:

  1. Click the three dots in the upper right corner of the screen;
  2. Select New Incognito window.

Rock-solid online protectionSafe and private browsing with Kaspersky Secure Connection

How to keep corporations out of your business

open all


Disable account syncing

What for: To stop Google from storing information about your Internet activity on its servers.

Chrome allows you to sync your browsing history, passwords, and other account data across all devices signed in to your Google account. For example, when you bookmark a website on your computer, you’ll be able to find it in the bookmarks section on your smartphone. To enable this, Google saves your personal information on its servers, including the pages you visit, the tabs you have open, URLs, and other information. If you don’t want to share your information, you can disable syncing.

To turn off syncing in your current browser:

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. Click the Turn off button to the right of your name;
  4. To delete all account data from a device (for example, if you signed in to your account on someone else’s computer), check the box next to Clear bookmarks, history, passwords, and more from this device.

Sync may still continue to work on other devices — for instance, if you have it enabled in Chrome on your smartphone.

To completely disable this feature and delete all saved data:

  1. Open the Data from Chrome sync page;
  2. Sign in to your account;
  3. Scroll down, tap Stop sync, and confirm your choice.

After this, syncing will be disabled on all devices. Google will delete your account information from its servers.

Downside: You won’t be able to access passwords, bookmarks, and other Google account data from other devices.

Disable data collection for browser performance improvement

What for: To keep information about how you use the browser away from Google.

Users can automatically send Chrome developers the URLs they visit, search queries, browser error reports, and other data. Developers claim that this helps them improve app performance and fix bugs. However, it means that data about your browsing will be stored on the company’s servers. If you don’t want to share this information, disable Google Services syncing.

Click the three dots in the upper right corner of the screen;

  1. Select Settings;
  2. Click Sync and Google services;
  3. Disable the following:
  4. Autocomplete searches and URLs;
  5. Help improve Chrome’s features and performance;
  6. Make searches and browsing better.

Disable enhanced spell check

What for: To stop Google from learning what you type in the browser.

Chrome can check the text you enter on websites, using basic or enhanced checks. The latter is based on the database of words and phrases used in search engine queries. To make check the words you type, the browser sends them to Google. If you do not want that, turn off the enhanced spell check.

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. In the menu on the left, click Advanced and go to the Languages section.
  4. Select Basic spell check.

Downside: The browser will use a less extensive vocabulary and might miss some errors.

Stop background services

What for: To get rid of intrusive notifications and protect yourself from malicious extensions.

By default, some Chrome background services keep running even if you have closed the browser. For example, websites can send you notifications even if you have not launched the program. However, some plug-ins may abuse this feature to spy on you, secretly open malicious pages, or send you spam. To stop Chrome from running in the background:

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. In the menu on the left, click Advanced and go to the System section;
  4. If Continue running background apps when Google Chrome is closed is active, turn it off.

Downside: You will not receive notifications when the browser is closed.


How to protect your data

open all


Check your saved passwords

What for: To protect against leaks.

When you sign in to a website, Chrome prompts you to save your password. This allows it to fill in your login credentials for you next time. The browser can check whether your passwords have been exposed in a data leak. How to start a scan:

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. Go to the Autofill section;
  4. Select Passwords;
  5. Click Check passwords.

If your passwords have been leaked, you’ll see a message about it. If so, change the vulnerable passwords to something unique and secure as soon as possible.

To get notifications if your passwords are discovered in public sources, turn on advanced protection mode.

Delete your contact details from Chrome

What for: To avoid exposing your contact information in case of a leak.

The browser can remember your address, place of work, phone number, and other contact details. These are used for autofill on websites and in apps — for instance, when planning routes in Google Maps. If you turn on sync, Google servers will store your contact information, which increases the risk of data leak. You can delete this information from Chrome:

  1. Click the three dots in the upper right corner of the screen;
  2. Select Settings;
  3. Go to the Autofill section;
  4. Select Addresses and more;
  5. Click the three dots to the right of the address and select Remove.

Downside: You will have to enter your address and other contact details manually.


What would have happened if you had chosen another privacy level?


Also recommended

Main / Chrome privacy settings on Windows: Medium level
Privacy level
?

Relaxed

Basic privacy settings, maximum convenience.


Medium

A golden mean respecting privacy matters but preserving convenience.


Tight

A choice of security over convenience; instructions contain a lot of details.

Relaxed
Medium
Tight
Platform
Windows
Mac
iPhone
Android
What are we setting up here?
Instagram
Facebook
WhatsApp
TikTok
Twitter
Youtube
Google
Skype
LinkedIn
VK
Windows 7
Windows 10
Chrome
Firefox
Edge
Apply