Guide library

Browser Checklist

Browsers are now workspaces, payment gateways, media hubs, and identity portals. Treat them like critical tools rather than disposable windows that can be reset casually later.

Audit extensions and remove old permissions.

Extensions often outlive the reason you installed them. A “temporary” price tracker, coupon add-on, AI helper, or PDF tool can sit in the browser for months with broad permissions and almost no attention from the person using the browser every day.

Review every extension, remove anything idle, and reduce “read and change data on all websites” permissions wherever possible. If an extension is important enough to keep, it is important enough to review.

Separate account recovery from casual browsing.

Recovery email, backup codes, password manager access, and second factors create a high-leverage chain. If those tools live inside the same messy browser routine as casual signups, constant tab sprawl, and random downloads, the environment becomes harder to trust.

Keep your password manager updated and understood.
Know where backup codes are stored before you need them.
Review whether trusted devices are still truly trusted.
Check if old sessions are still active without a good reason.

Review download habits before “just this one file” becomes a pattern.

Confirm download sources, file types, and reputation before opening anything unexpected. Official vendor pages are usually a better choice than mirror sites, random forums, or pages that feel overloaded with urgency and fake utility prompts.

Downloads are not only a malware problem. They also create confusion around which app or site initiated a file, where it landed, and whether the user remembers enough context to evaluate it later.

Use public networks with less trust by default.

On unfamiliar Wi-Fi, avoid unnecessary account changes, verify network names carefully, and postpone sensitive administrative tasks until you are back on a trusted connection. Many browsing decisions do not have to happen in the café, hotel lobby, airport gate, or shared workspace.

Keep mobile browsing in the same policy as desktop browsing.

Phones are often where people approve logins, follow links from messages, and store payment methods. Review permissions, autofill, update cadence, saved sessions, and notification noise on mobile too.

A careful desktop setup loses value quickly if the same accounts are approved casually on a neglected phone.

Use a weekly five-minute browser review.

Close and clear forgotten sessions.
Review extension list and remove one stale tool if needed.
Confirm browser updates completed successfully.
Check default search and homepage settings.
Review downloads folder for files you do not recognize.

A small weekly review prevents browser clutter from becoming normalized.

Should I install many privacy extensions at once?

Not by default. More extensions do not always mean a safer browser. Too many overlapping tools can create confusion and increase the permission surface you are trying to reduce.

Is this guide only for desktop browsers?

No. The same principles apply to phones and tablets, especially because many people review security prompts and password approvals there first.

Related guide

Password Recovery Planning

Good browser habits protect the environment where credentials and recovery actions are used.

Open recovery planning

Related guide

Incident Response Notes

If a browser event already feels suspicious, use the response guide to structure your next steps.

Read the response guide