Firefox's protection against fingerprinting
Like other browsers, Firefox’s functionality is influenced by your operating system, hardware, graphics cards, additional software and even the fonts you install. Some website technologies, like HTML5 Canvas, can even uniquely identify you based on how your computer draws images.
Currently, Fingerprinting Protection is an experimental feature that is under heavy development in Firefox. It is likely that it may degrade your web experience, so we recommend it only for those willing to test experimental features.
How am I protected?
If a website tries to extract your data, Firefox will warn you with a prompt in the address bar. You can choose whether to allow the website to extract your data. This is the most common way to observe this protection.
However, the Canvas Permission Prompt is not the only thing that Fingerprinting Protection is doing. Fingerprinting Detection also looks at other factors:
- You have granted the website permission.
- Your timezone is reported to be UTC
- Not all fonts installed on your computer are available to webpages
- The browser window prefers to be set to a specific size
- Your browser reports a specific, common version number
- Your keyboard layout and language is disguised
- Your webcam and microphone capabilities are disguised.
- The Media Statistics Web API reports misleading information
- Any Site-Specific Zoom settings are not applied
- The WebSpeech, Gamepad, Sensors, and Performance Web APIs are disabled
How do I enable or disable this protection?
Currently, Fingerprinting Protection is an experimental feature enabled by a confirmation flag set in about:config. It can also be enabled by Web Extensions.
In the address bar, type about:config and press EnterReturn.
- The about:config "This might void your warranty!" warning page may appear. Click to continue to the about:config page.
- Search for “privacy.resistFingerprinting” and see if it is bolded and set to ‘true’. If so, you, or a Web Extension you installed, has enabled this preference. You can double click the line in about:config to toggle the setting.
If you discover the setting has become re-enabled, it is likely a Web Extension you have installed is setting it for you.