In short: A browser fingerprint is a unique snapshot of your device built from dozens of parameters: your graphics card, installed fonts, screen resolution, browser and OS versions, and time zone. Sites and ad networks recognize you by it even without cookies and without signing in. The main collection techniques are Canvas, WebGL, AudioContext, and request headers. One key nuance: a VPN hides your IP address and approximate location, but it does not change the fingerprint itself. Real privacy needs two layers — a VPN at the network level and an anti-fingerprinting browser at the device level.
What a browser fingerprint is
When you open a website, your browser automatically reports a lot of technical detail: interface language, screen resolution, operating system, installed fonts, which graphics card renders the page. On its own each parameter reveals nothing — millions of people use a Full HD screen, for example. But together, two or three dozen such signals form a combination shared by maybe one person in hundreds of thousands. That combination is your digital fingerprint.
The crucial difference from ordinary cookies is that a fingerprint does not need to be stored on your device. A site only has to compute a hash of your parameters once, and on your next visit it recognizes you again — even if you cleared history, deleted cookies, and opened a private window. That is why fingerprinting is called cookieless, passwordless identification: you do not control it and usually never notice it.
The technology started as an anti-fraud tool — banks and payment services still use fingerprints to tell the real account owner from a thief with a stolen password. But the same method has long been used by ad networks and trackers to follow user behavior. For what your internet provider itself can see about your traffic, see our guide on how to choose a secure VPN.
What makes up a fingerprint
Fingerprint collection runs through several independent channels. The more of them a site can read, the more precise the identification.
- Canvas fingerprint. The site asks your browser to invisibly draw text and shapes via the HTML5 Canvas API, then reads back the pixels. Differences in graphics card, drivers, and font anti-aliasing make each device render slightly differently, producing a stable hash.
- WebGL and WebGPU. These graphics interfaces expose your GPU model and vendor, supported extensions, and shader compilation quirks. They are the hardest to fake because the data comes from the hardware layer.
- Fonts. Your installed font list reflects your system and software (office suites, design apps) and sharply narrows the pool of similar devices.
- AudioContext. The browser processes a short audio signal, and tiny differences in the audio stack add another signal.
- User-Agent and Client Hints. The User-Agent string reports your browser, version, and OS. Chrome is gradually replacing it with Client Hints — structured headers that reveal less by default but still feed identification.
- Screen, language, time zone. Resolution and pixel density, system language, time zone, and the set of hardware sensors complete the picture.
None of these channels asks for your consent or leaves a trace on your device — which is exactly what makes them hard to defend against.
Why a fingerprint threatens your privacy
The main problem is silent tracking you never agreed to. An ad network whose code is embedded in thousands of sites can recognize you on each of them by a single fingerprint and stitch your browsing history into one profile: what you read, what you buy, what you are interested in. Cookies are no longer needed, so the cookie consent banner and the delete-cookies button are powerless here.
The second risk is cross-site account linking. If you sign into a personal and a work profile from one browser, a matching fingerprint helps connect them even when the emails and names differ. For journalists, activists, and anyone privacy-minded, that means potential deanonymization. For where this kind of protection stops, compare the anonymity levels in our breakdown of VPN vs proxy vs Tor.
Does a VPN change your fingerprint
The short answer is no, and it is important to be honest about this. A VPN works at the network level: it encrypts your traffic and replaces your IP address with the server's, hiding your real location and keeping your provider from seeing which sites you open. But Canvas, WebGL, fonts, and browser version are read inside the page, at the browser level — and a VPN does not touch that. So the fingerprint stays the same no matter which country you connect through.
This does not make a VPN pointless — quite the opposite. Your IP address and location are powerful identifiers in their own right, and closing them is essential. The fingerprint is simply a different layer, closed separately. A handy analogy: a VPN hides where the letter was sent from, while anti-fingerprinting hides the handwriting it was written in.
| Identification layer | Does a VPN change it | What also closes it |
|---|---|---|
| IP address and geolocation | Yes | The VPN itself |
| Your sites being visible to ISP and Wi-Fi | Yes | The VPN itself |
| Canvas / WebGL (graphics card) | No | An anti-fingerprinting browser |
| Fonts and software versions | No | Default settings, updates |
| User-Agent / Client Hints | No | A browser that unifies them |
| Cookies and trackers | Partly, via blocking | A blocker, a cookieless mode |
In practice both layers are closed by the pair of a reliable VPN plus a privacy browser. If you are leaking your real address past the tunnel, no browser setting will help — so test for that too, as described in DNS leak test and fix. Then add browser-level protection on top.
How to check your own fingerprint
Before changing anything, it helps to see how unique you are right now. A few free test services show your fingerprint and rate how rare it is:
- Cover Your Tracks by the EFF — shows whether your browser resists tracking and how unique your fingerprint is.
- AmIUnique — breaks the fingerprint down by parameter and compares it against a database of other visitors.
- BrowserLeaks — a set of individual tests: Canvas, WebGL, WebRTC, fonts, time zone.
Open any of them in your normal browser, then in a private window or a different browser, and compare. If the fingerprint is marked as unique, you are easy to single out of the crowd. These tools often also reveal a WebRTC leak, which can expose your real IP even behind a VPN.
How to reduce your fingerprint's uniqueness
You cannot erase a fingerprint entirely — the browser must report some data so pages work. But you can make your fingerprint look like everyone else's so it stops standing out. There are two working strategies, and they are opposite in logic.
The first is to blend into the crowd. That is the path of Tor Browser: all its users deliberately look identical, so one person is indistinguishable from the rest. Mullvad Browser takes a similar approach — the same engine, without the Tor network. This is the most reliable option; the price is a less convenient experience and occasionally broken layouts.
The second is to add noise. That is how Brave works with its farbling mechanism: it slightly randomizes Canvas and audio on each visit so the hash does not match. Firefox has similar protection — the privacy.resistFingerprinting setting plus blocking of known trackers; since version 113 Firefox adds noise to Canvas in strict privacy mode and in private windows. Plain Chrome has no built-in anti-fingerprinting protection.
A few rules that work regardless of browser:
- Keep fewer extensions: a rare set of add-ons makes you unique on its own.
- Do not stretch the window to odd sizes or change the zoom without reason — resolution is part of the fingerprint too.
- Update your browser promptly: on the latest version you are harder to tell apart from millions of identical ones.
- Do not swap your User-Agent for random values by hand — mismatched parameters give the spoof away and make you more visible.
For everyday privacy it makes sense to pair a hardened browser with a no-logs VPN that keeps no connection records. If you are still picking a plan, see LiMP VPN pricing — a single subscription covers all your devices.
Checklist: protecting yourself from fingerprinting
- Test your fingerprint on Cover Your Tracks or AmIUnique to set a baseline.
- Use Tor Browser or Mullvad Browser for sensitive tasks.
- Enable protection in Brave or resistFingerprinting in Firefox for daily browsing.
- Remove extensions you do not use.
- Turn on a VPN to close your IP and location — the layer a browser cannot close.
- Check for WebRTC and DNS leaks so your real address does not slip past the tunnel.
- Update your browser and operating system to current versions.
- Do not sign into personal and work accounts from the same browser profile.
Frequently asked questions
Does incognito mode protect against fingerprinting?
Barely. Incognito only avoids saving history and cookies on your device, but the browser still reports the same parameters — graphics card, fonts, screen. The fingerprint stays the same.
Can a fingerprint be hidden completely?
Not completely: without some of the data, pages simply will not render. The real goal is not to become invisible but to stop being unique by blending into a large group of users on identical browsers.
Does a VPN make my fingerprint more unique?
Not by itself. But if you have a rare browser with exotic settings while your IP jumps between countries, that combination can look unusual. So pair a VPN with a standard privacy browser rather than with homemade tweaks.
Is fingerprinting used in mobile apps?
Yes. Apps have their own device identifiers, and embedded web views collect roughly the same parameters as a browser. On a phone, system privacy settings, limiting the advertising identifier, and a device-wide VPN all help.
Does an ad blocker help against fingerprinting?
Partly: a good blocker cuts known tracker scripts before they can take a fingerprint. But it does not change the browser's parameters, so it is a complement to a privacy browser, not a replacement.
Is it legal to protect yourself from fingerprinting?
Yes. Managing your own privacy is a normal, legal practice; you are simply limiting the amount of device data you hand to websites.
Tor Browser or Brave against fingerprinting?
Tor Browser gives maximum protection because all users look alike, but it is slower and breaks some sites. Brave is more convenient for daily use and randomizes the fingerprint, though a little less strictly. The choice depends on whether you value ultimate anonymity or comfort.