ChromeBook Security Hardening Guide

No matter how hard you try to secure your ChromeBook- the most important thing is to secure your Google account.

Your Google account is the gate to your Chromebook, so you want to make sure you have the proper security measures set in place.

You can secure your Google account by:

• Use a strong, unique password
• Use dual factor authentication (2FA)
• Google can prompt alerts on your mobile device - Android or iOS, and can sign in by tapping Yes on your phone.
• You will also need an authenticator app such as Authy or Google Authenticator
• Another alternative is using a security key, such as YubiKey, to sign in.

One thing you don’t want to do is use voice messages or texts for dual factor authentication. Text messages aren’t encrypted, which means that you can easily become the victim of a phishing attack. The phone company can also make mistakes by forwarding your phone number to the attacker. However, if you are using SMS authentication, you can turn it on in the two-factor authentication section.

For more convenience for sign-in, you can use your phone as authentication instead of a password. When your phone is near your Chromebook, it can automatically unlock. To set this up, go to Settings > Connected Devices > Android/iOS Phone > Set Up and follow those instructions.

To keep out prying eyes, you can tweak your settings and features for maximum security, and can restrict sign-in to only your account.

If there are others using your Chromebook, you can allow specific accounts to use your device. To do this, go to Settings > Security and Privacy > Manage other people and activate Restrict Sign-in to the following users. Click Add User and enter their email. If one of these accounts belongs to children, you can enable parental controls by going to Settings > Accounts > Parental Controls.

The Google Chrome browser has different settings than the Chrome operating system, so we need to change a few settings on Chrome and the operating system settings.

• Open Chrome and click the menu button
• From the dropdown, click on Settings
• In the Privacy and Security section, disable:
  • Use a prediction service to load pages more quickly
  • Allow sites to check if you have payment methods saved
• Make sure the following are enabled:
  • Send a “do not track” request with your browsing traffic
  • Safe browsing

Ensure your Chrome OS is up to date

New updates include vulnerability patches and new features. Do the update every time you see one available.

Be cautious with Chrome extensions

There are multiple extensions that have compromised security data of the user. Some of these can be from well established companies. Be adamant about installing extensions. Only install those that are absolutely necessary for your security.

For extra precaution:

• Only install from the official Chrome extension store
• Before you install, look into the developer
• Read the entire description of a Chrome extension
• Read reviews for the extension
• Be suspicious of valuable services being offered for free

Enable sleep locking on your Chromebook

If you don’t have password enabled on your Chromebook and you sometimes close the lid and open back up, you can see that you are allowed right back in. This isn’t necessarily safe. You can enable the “Show Lock Screen Waking from Sleep Option.”

You can find this in Settings > People > Screen Lock > Show Lock Screen When Waking From Sleep.

Stop ads

By now, you’ve had the experience of looking at things on Amazon, and then see ads pop up on sites you visit after you’ve looked at it or bought it. There’s a privacy focused extension called Privacy Badger, which is an explicit ad blocker. It allows you to whitelist sites if you need to.

There are other extensions that help prevent these, such as HTTPS Everywhere, and uBlock Origin The HTTPS Everywhere extension forces a HTTPS connection on sites that you visit and help keep out the non-secure sites.

Additionally, you can use a VPN that will shield your activity from your ISP and add an extra layer of security when using public wifi networks such as Starbucks, airports, or hotels.

Switch Browsers

If you’re tired of using Google and want them to have a little less information on you, you can switch your default browser to a browser such as DuckDuckGo, Brave, or any other browsers that don’t track your search history.

To switch your browser, right-click in the address bar and click “Edit Search Engines.” There’s a list that you can choose from. When you find the browser you want, click the three dots next to it and select Make Default.

You can also use Chrome’s Guest Mode as an alternative, which enables you to browse without keeping the history on your Google account. All you have to do is log out of your account and into the guest account.

Lastly, Chrome has an incognito mode like iOS, where Chrome doesn’t track or record your online activity when using it.