Browser Fingerprinting: What It Is and How to Stop It
You don't need cookies to be tracked online. Browser fingerprinting builds a unique profile from the data your browser automatically shares — and it's incredibly hard to block.
What is browser fingerprinting?
Every time you visit a website, your browser shares dozens of data points: your screen resolution, installed fonts, graphics card, timezone, language settings, and more. Individually, each is mundane. Combined, they form a statistical fingerprint that can uniquely identify you across the web.
Research by the EFF's Panopticlick project found that most browsers have a unique fingerprint — even without cookies, even in incognito mode. Advertising networks and analytics companies use fingerprinting as a fallback when cookies are blocked.
What data is collected?
A typical fingerprinting script collects:
High entropy (most identifying)
- Canvas rendering hash
- WebGL renderer and vendor
- Audio processing hash
- User agent string
- Screen resolution
Medium entropy
- Timezone and locale
- Hardware concurrency (CPU cores)
- Device memory
- Installed plugins
- Platform (OS)
How canvas fingerprinting works
The most powerful technique. A fingerprinting script draws an invisible image using the HTML Canvas API — text, shapes, and gradients. The way your browser renders this image depends on your GPU, drivers, font rendering engine, and anti-aliasing settings. The script hashes the pixel data to create a unique identifier.
Two computers with the same hardware, OS, and browser version will usually produce the same canvas hash. But change any of those variables — different GPU, different font library — and the hash changes. This makes canvas hashes highly identifying.
How to reduce your fingerprint
Firefox — Resist Fingerprinting
The most comprehensive option. Go to about:config, search for privacy.resistFingerprinting, and set it to true.
This spoofs your timezone (UTC), screen resolution (letterboxed), WebGL renderer ("Mozilla"), OS version in user agent, and normalizes canvas/audio output. It's the single most effective anti-fingerprinting measure available.
Trade-off: Some sites may show incorrect timezone or slightly letterboxed layouts.
Brave — Automatic randomization
Brave randomizes canvas, WebGL, and audio fingerprints out of the box. For maximum protection, go to Settings → Shields and set fingerprinting blocking to Strict.
Trade-off: Strict mode may break some sites. Use Standard as fallback.
Chrome and Edge — Limited options
Neither has built-in fingerprint resistance. Extensions like Canvas Blocker can randomize canvas output, and uBlock Origin blocks many fingerprinting scripts. But Chrome/Edge expose APIs like navigator.deviceMemory and navigator.connection that extensions can't hide.
The paradox of blocking fingerprinting
Ironically, aggressive fingerprint blocking can make you more unique. If only 0.1% of users block canvas, then having a blocked canvas hash makes you stand out more than a common one. This is why Firefox RFP and Brave take different approaches:
- Firefox RFP: makes all RFP users look identical (same spoofed values)
- Brave: randomizes values on every page load so you look different each time
Both approaches work, but they work better when more people use them. If you care about privacy, using Firefox RFP or Brave is the most practical step you can take.
Test your own fingerprint
Want to see exactly what your browser reveals? Our Browser Fingerprint Analyzer runs entirely in your browser — no data is sent to any server. It shows your canvas hash, WebGL details, screen info, and a uniqueness score.
Check your fingerprint now
See what your browser reveals and get your uniqueness score. 100% client-side.
Open Fingerprint Analyzer