Which browser is the most secure web browser? That's a question that is hard to answer, and Internet users usually mention the web browser that they use when asked the question. There are some differences in the architecture of browsers.
Google Chrome and Internet Explorer, for example, make use of sandboxes that prevent that the whole web browser is attacked if malicious code is executed in a tab in the browser. (Update: Firefox supports multiple processes and sandboxing as well now).
Additional differences become apparent when you look at browser plugin support. Thousands of extensions are available for some browsers and only a handful for others. Chrome and Firefox users may pick from thousands of browser extrensions while Internet Explorer users only from a handful.
Extension can be a very effective way of adding additional protection to the web browser. This article covers the top 5 security plugins for IE, Chrome and Firefox. If you know of a plugin that is missing in the list let us (and everyone else) know about it in the comments.
Update: We replaced extensions that are no longer compatible or available with suitable alternatives.
No Script - The one add-on that many security experts do not want to live without. No Script can block script execution on websites. It does so on all websites by default with the option to enable specific scripts temporarily or permanently. The add-on can prevent script-based attacks (most of them are) if used correctly.
Last Pass - The password manager for Firefox. It can generate and remember secure passwords, fill out forms and even auto-login the user into websites. The three important security-related features are secure password generation, password storing and auto login. Secure passwords have the weakness that they are hard to remember. It is simply easier to remember 123456 than f&z_cU!;re4xZ especially if you consider that unique passwords should be used one every website. With Last Pass users get unlimited secure passwords with the need to only remember the master password. The auto login feature can be very effective against phishing attacks as it won't work on phishing websites that use a different URL than the original.
uBlock Origin -- a content blocker for Firefox that blocks advertisement and other annoyances on the Web. Simply to use yet powerful interface.
No Redirect (not compatible with Firefox 57+)- A versatile add-on that handles several things at once. It will reveal the destination URL of short URL services and prevent that Internet providers and other companies use DNS hijacks to show their (search pages). This does happen for instance with many major ISPs if the user mistypes a domain extension.
Link Extend (not compatible with Firefox 57+) and Web of Trust - Link Extend and Web of Trust provide similar functionality. They provide website ratings to inform the user about potentially dangerous websites. Both display ratings in major search engines but also in a toolbar for the active page.
CS Lite - Cookie permissions on a per-site basis. Allows the user to block or allow cookies permanently or temporarily.
Backup: Febe Firefox Backup. It is always a good idea to create regular backups to be prepared when data gets corrupted or deleted. Febe is a Firefox add-on that can backup all profile data of the web browser including bookmarks, settings, extensions, and passwords.
uBlock Origin -- Same as the Firefox add-on. Great content blocker.
Last Pass - The Last Pass password manager is also available for the Google Chrome web browser. Extension support is currently only available for dev releases of the Google browser. The functionality, on the other hand, is similar to that of the Firefox add-on. It is possible to generate passwords, store them and use the auto-login feature.
Script Safe -- Provides Chrome users with options to block certain browser technologies and features that sites may abuse for fingerprinting.
Flash Block - This is the closest to the No Script Firefox add-on. Flash Block will only block Flash content but not other script related objects.
McAfee Site Advisor bookmarklet - There are not many Google Chrome extensions yet. Bookmarklets try to close that gap by allowing all Google Chrome users - and not only those that use a dev version - to make use of additional features. This bookmarklet will display McAfee Site Advisor ratings when executed. Comparable to Wot or Link Extend with the difference that it has to be executed manually.
Adsweep and Adblock+ - Two options to disable most advertisement that is displayed on websites. These add-ons are more about the annoying objects on websites and less about security. They can, however, be helpful in situations were rogue ads are displayed that spread malware.
Backup: Fav Browser - Fav Browser 2 can backup and restore all settings of Google Chrome 2, 3 or 4.
Last Pass - Did we mention that we love Last Pass? The password manager is available as a plugin for Microsoft's Internet Explorer. It offers the same functionality on all supported web browsers including password generation and secure storage of passwords.
Web of Trust or Trend Protect - Both display ratings for the active websites and websites that are listed in the major search engines (Google Search, Yahoo Search, MSN). They can be used as an indicator if a site's potentially dangerous to visit.
IE7 Pro - A great plugin for Internet Explorer (not only 7 but also Internet Explorer 8) that offers ad blocking and many additional features. It comes closes to the No Script Firefox add-on. The ad blocker includes a Flash Blocker. Another interesting module is userscript support which can be also beneficial to security.
Backup: Fav Backup - You can use the tool to backup and restore Internet Explorer profile settings.
Only four for Internet Explorer. Do you know of additional Internet Explorer security add-ons? Let us know in the comments.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.