73+ free tools to protect your privacy online

This is a comprehensive list of tools that can help you secure your privacy online. We’re not saying you should use all of them–you certainly don’t need three VPNs or four antivirus programs–but we wanted to offer a fair amount of choice. Our recommendation is that you consider using one tool from each category on each of your devices. Both mobile and desktop apps are included here, and they are all free or have a no-expiry free tier.

VPNs and Proxies

VPNs and proxies route your internet connection through a server in another location, making it appear as though you are accessing the internet from somewhere else. VPNs also encrypt all your internet traffic, making them a must-have privacy tool. Besides making web surfing more anonymous, VPNs and proxies can also be used to evade firewalls and unblock location-restricted content such as Netflix.

OpenVPN

ec2 vpn 18
Most paid VPNs utilize the free OpenVPN protocol. OpenVPN offers a user-friendly GUI, but requires a server to connect to. Check out our guide on how to roll your own VPN with OpenVPN and a free Amazon Web Services account.

OS: Platform agnostic

Windscribe

One of the better free VPNs out there, if you opt to go the free route. Offers unlimited bandwidth, a decent range of server locations, and ad-free browsing.

OS: Windows, MacOS, iOS, Android,

Proxy SwitchySharp

ec2 vpn 11
Browser extension that allows you to manage and switch between proxies. Can specify specific domains to access through the proxy.

Platform: Chrome

FoxyProxy

A browser extension for managing and switching between proxies similar to Proxy SwitchySharp, but for Firefox.

Platform: Firefox

Tunnelbear

A mobile VPN that offers up to 500MB of data per month for free. More data is available in the paid tiers.

Platform: Android, iOS, MacOSX, Windows, Chrome, Opera

Cocoon

Cocoon is a privacy-focused web browser with a built-in encrypted proxy that can be toggled on or off at any time. It’s marketed toward expats in China who want an easy way to access websites blocked by the Great Firewall. It will also mask your IP address, store all cookies in an isolated cloud so they cannot be used to identify you, and run real-time antivirus. The company does inject ads from its internal ad network into the browser, but these ads are based only on the URL and content of the page you are currently visiting. The company does not log any of your browsing activity, nor does it share any of your info with third parties.

DNS Leak Test

dns leak test comparitech
Once you have a VPN, it’s a good idea to test it for leaks. Leaks occur when information is sent through the internet but outside of the VPN tunnel. This can divulge your real IP address and location to your ISP or someone else. Comparitech’s own DNS Leak Test scans for DNS, IPv6, and WebRTC leaks.

Antivirus

Antivirus scans, quarantines, and removes malicious files from your computer. Typically an antivirus program covers viruses, malware, spyware, and other threats, but some are limited to a specific type. Not only do these menaces threaten to damage your computer and files, but many of them also invade your privacy by collecting personal information or injecting ads into your browser.]

Bitdefender

A great and effective entry-level antivirus program with a free edition. Read our full review of Bitdefender here.

OS: Windows, iOS

Malwarebytes

A scan and removal tool that focuses on Malware, including Trojans, rootkits, rogues, spyware, and more. Offers a free tier.

OS: Windows, MacOSX, Android

Panda

Perhaps the most lightweight of the reputable free antivirus programs out there. Includes a file encryptor and file shredder, wi-fi protection, and parental controls among other features. The Windows version includes the most features, while others are more basic.

OS: Windows, MacOSX, iOS, Android

Backup and Storage

Many of us use online backup and storage services like Google Drive and Dropbox, but most are not encrypted and protected to a degree we can honestly consider private. Here we’ve listed some options that are up to Comparitech’s privacy charter standard.

IBackup

ibackup web app
Cloud backup service with a 5GB no-expiration free tier. Meets our cloud backup privacy charter requirements when it comes to encryption and security practices. Can also back up photos and videos from social media accounts.

OS: Windows, MacOSX, Android, iOS, Windows Phone

Crashplan

crashplan desktop restore
Backup software that’s free if you provide your own storage media, such as an external hard drive or a second computer. Cloud backup on Crashplan’s servers requires a subscription. Meets our cloud backup privacy charter requirements. Read our Crashplan review here.

OS: Windows, MacOSX, Linux

File encryption apps

These apps allow you to encrypt selected files on your device. Many of them can be used to encrypt files and folders prior to uploading to the cloud, which keeps your data safe even on vulnerable servers.

Boxcryptor

boxcryptor-screenshot-1

Allows you to create a folder anywhere on your computer, and everything placed in that folder is encrypted using the 256-bit AES standard. To view the files in that folder, run the Boxcryptor app, navigate to the desired file, and enter your password/key. If you’re using a cloud storage service like Google Drive or Dropbox, this folder can be placed inside the respective app’s sync folder.

OS: Windows, MacOSX, Chrome, iOS, Android, Windows Phone, Blackberry

Viivo

Update: Viivo has been discontinued.

Viivo creates two folders on your computer. The first is just a seemingly normal folder stored locally where you put files. The second folder makes a copy of everything in the first folder and encrypts it. The second folder is the one you want to upload to the cloud. It can be put in your Dropbox or Google Drive folder, for instance.

OS: Windows, MacOSX, iOS, Android

nCrypted Cloud

nCrypted Cloud places Google Drive, Dropbox, and other supported cloud storage sync folders into an nCrypted Cloud folder. Encryption doesn’t happen automatically. Right click files within those folders to encrypt and decrypt them. The blue lock icon next to the file or folder icon indicates it has been made private and is now encrypted with the AES 256-bit.

OS: Windows, MacOSX, iOS, Android

Cloudfogger

Update, 11 June 2016: Cloudfogger has been discontinued.

Cloudfogger lets you select existing folders to encrypt rather than having to create new ones. This is often a better option for those who have a lot of files that need to be encrypted but don’t want to move them around.

OS: Windows, MacOSX, iOS, Android

EncFSMP

EncFSMP uses much of the same open-source code as BoxCryptor and works in a similar manner. Create an encrypted folder anywhere on your local drive, and anything you put in that folder is automatically encrypted. You can create, edit, and export passwords for these folders.

OS: Windows, MacOSX

Cryptonite

A file encryption app for Android that uses the open source EncFSMP (see above). Creates a folder on your device, which you can place in a Dropbox or Google Drive sync directory. Anything placed in this folder is encrypted before being uploaded to the cloud.

OS: Android (Update: no longer on Google Play, only available on GitHub)

AxCrypt

File encryption software that integrates with Windows to compress, encrypt, decrypt, store, send and work with individual files.

OS: Windows

Read more: The best apps to encrypt your files before uploading to the cloud

Disk encryption software

These apps will encrypt your entire hard disk, making it impossible for anyone to access anything on your computer without the encryption key. Some come pre-installed on Windows and Mac computers.

Diskcryptor

A full disk encryption system that can encrypt either the entire hard drive or a specific partition, including the partition that the OS is installed on. Diskcryptor uses 256-bit AES, Twofish, Serpent or a combination of cascaded algorithms in XTS mode to carry out encryption.

OS: Windows

FileVault 2

Similar to Diskcryptor, but for Macs. Encrypts the entire OSX startup volume using 128-bit AES/XTS. Filevault 2 performs on-the-fly encryption and decryption. Requires OSX Lion or later and a working recovery volume.

OS: MacOSX

BitLocker

bitlocker ss
A full disk encryption system similar to Diskcryptor that comes pre-installed on some versions of Windows.

OS: Windows

VeraCrypt

The successor to TrueCrypt, VeraCrypt is a full disk and partition encryption system that claims to be more immune to brute force attacks than competitors. Accessing encrypted partitions is slowed down, but does not effect applications in use.

OS: Windows, MacOSX, Linux, Android, iOS

Secure messaging apps

If you’re worried about someone snooping on your online conversations, these apps offer end-to-end encrypted chat capabilities. Some are standalone products, while others work with existing messenger apps.

Cryptocat

cryptocat ss
Chat app that encrypts messages on local device before sending. Supports group chats, file and photo sharing, and can scan Facebook Messenger to see which of your friends are also using Cryptochat.

Platform: Chrome, Firefox, Safari, Opera, MacOSX, iOS

Pidgin

A free chat client that encrypts messages sent through AIM, MSN, Yahoo, and several other desktop chat networks.

OS: Windows, MacOSX, Linux

TorChat

Decentralized peer-to-peer instant messaging client that utilizes the location-hiding Tor network. No need to install or configure. Can run from a USB drive.

OS: Windows, Linux

Password Managers

If you have trouble memorizing all your passwords, these apps allow you to remember just one master password to unlock all your accounts, both on the web and on desktop applications. Besides the convenience aspect, it also helps protect users from keylogging viruses that track what you type.

LastPass

Browser plugin that stores passwords for you so you only need to remember one. Passwords are stored with AES-256 bit encryption, salted hashing, and PBKDF2 SHA-256. LastPass cannot gain access to your passwords. LastPass is one of our favorite password managers, you can get it free here or if you want to read more first head over to our LastPass review.

Platform: Windows, Mac, Linux, iOS, Android, Blackberry, Windows Phone, Firefox OS, Microsoft Surface RT, Chrome

KeePass

Similar to LastPass. Stores passwords for all of your installed apps and programs in addition to websites and apps. It’s slightly more tricky to configure than most password managers but is very popular among techies. Our KeePass review has more details.

OS: Windows, MacOSX, Linux

MasterPassword

masterpassword ss
A password manager that guarantees your passwords can never be lost. Instead of storing passwords in an encrypted vault like other password managers, your passwords are generated on demand from your name, the site, and the master password. This algorithm-based model makes it so you don’t need to sync, restore, or even be connected to the internet to access your passwords, and it even works on devices you’ve never used before.

Platform: iOS, Android, MacOSX, Windows, web app

DataVault Password Manager

The free Android version of DataVault Password Manager by Ascendo secures passwords using 128-bit AES encryption. Supports fingerprint authentication. You can easily view all the accounts that you’ve stored passwords for in a categorical list view. You can also set it to time out or wipe data after multiple failed login attempts.

Platform: Android, Windows (free trial), Mac and iOS (paid)

Strong Password Generator

password generator tool
Comparitech’s own Smart Password Generator instantly creates unique, random passwords that you can use with all of your accounts, significantly reducing the chances of being hacked. The tool runs completely in your browser and nothing is sent to the server.

Password Strength Test

If you already have a password and just want to test how strong it is, you can use Comparitech’s Password Strength Test. Using a number of different factors, we can analyze your password for weakness and give you an estimate of how long it would take a hacker to brute force it. Everything happens on the front end in your browser and no information is sent to our servers.

Email Encryption

Email is a communication used by most everyone online and won’t be going anywhere anytime soon. The problem is that email isn’t encrypted and has serious privacy flaws. These apps let you encrypt your email correspondence so only the intended receiver can decrypt it.

Mailvelope

mailvelope ss
A browser extension that integrates with your web-based email client, such as Gmail. Lets you create, import, and store public encryption keys. A button in the composer will let you write and encrypt messages within normal email. Uses PGP encryption. Can also be used to decrypt email.

Platform: Chrome, Firefox

EnigMail

A browser extension similar to Mailvelope that encrypts email using OpenPGP.

Platform: Firefox

GPGTools

Email encryption tool for Apple Mail. Encrypt, decrypt, sign, and verify email. Note that Macs come with an encryption protocol pre-installed called S/MIME as opposed to PGP/MIME, so this may be redundant.

OS: MacOSX

GNU Privacy Guard

Encryption software used to encrypt any file on a computer. That file can be sent to someone else, and only that person can decrypt based on the PGP key-pair system.

OS: Windows*, MacOSX, Linux

Thunderbird

From the makers of Firefox, Mozilla’s Thunderbird email program is a customizable, open-source alternative to Outlook and web-based email clients. It includes a series of security features including Do Not Track and phishing protection.

OS: Windows, MacOSX, Linux

Ad Blockers

Advertisements online aren’t just annoying, they often contain malicious code that steals your personal data or try to serve you viruses. Ad blockers solve both problems. Some specifically target malicious ads, while others block advertisements altogether.

Adblock Plus

abp ss
A browser extension that blocks malicious ads that track users, serve malware, and are generally annoying. Customizable and comes with a whitelist of tolerable ads to support websites.

Platform: Firefox, Chrome, Android, Opera, Internet Explorer, Safari, Yandex, Maxthon, Edge

Privacy Badger

A browser extension that blocks ads and other webpage elements that attempt to track users. Technically not an ad blocker, but ends up blocking many ads that track users or serve malware. One of the few extensions that blocks fingerprinting, an up-and-coming method of tracking users that could one day replace cookies.

ublock

A lightweight ad blocker extension that also weeds out tracking and overhead to make browsing faster.

Platform: Chrome, Safari, Firefox

Nixory

Browser extension that focuses less on ads and more on preventing spyware and tracking.

Platform: Chrome, Firefox, Internet Explorer

Ghostery

An anti-tracking and ad-blocking extension that claims to have the largest database of tracking companies. Emphasizes control of which trackers are allowed and which aren’t.

Platform: Chrome, Firefox, Safari, Opera

Anonymizers

These apps make your online activity anonymous to anyone who might be snooping. Most of these apps are Tor-based, which bounces your connection off a series of relays, making your effectively untraceable.

Peerblock

Peerblock keeps a running blacklist of IP addresses from known “bad” computers. It’s long been used by frequent torrent downloaders to prevent record and movie industry minions from monitoring P2P activities, but it also blocks communication with spyware and advertising servers, those that have been compromised by hackers, and even entire countries. The blacklist is split up into several categories such as education, P2P, spyware, etc.

OS: Windows

Tor

Tor is one of the oldest and most popular ways to make yourself anonymous online. Also known as the onion router, Tor is a network of relays scattered around the world. Users’ internet connections are bounced around these relays at random, preventing snoops from analyzing your web traffic and figuring what your up to.

OS: Agnostic

Tor Browser

Image from Tor official website.
Image from Tor official website.

A web browser that utilizes the Tor network and includes some other privacy-minded features. With no need to install, it can run off a USB flash drive.

OS: Agnostic

Tails

Another tool built by the people who brought us Tor and Tor Browser, Tails is an entire self-contained operating system that can be run from a USB drive, DVD, or SD card. Files, emails, and instant messages are all encrypted, and no trace of Tails or anything you do on it is left on your computer.

OS: Agnostic

Orbot

The Tor network app for Android phones.

OS: Android

I2P

Similar to Tor, this “network within a network” makes online activity and communication anonymous to surveillance and monitoring.

OS: Windows, Mac, Linux, Android

Search engines

Every time you enter a search query into Google, Google remembers. The same goes for most other mainstream search engines. If you don’t want your searches associated with your online dossier, try one of these anonymous search engines.

StartPage

startpage ss
When you enter a query into StartPage, it removes all identifying information and submits it to Google on your behalf. It doesn’t record your IP address, log your visit, or use tracking cookies. Can be added to Chrome as the default search engine. All search results come with a proxy link underneath them, allowing you to click through to any site while retaining your privacy through a proxy.

DuckDuckGo

Unlike StartPage, which uses Google, DuckDuckGo is an entirely independent search engine. It doesn’t use tracking cookies and comes with a fair amount of customization for users. Can be set as the default search engine in Chrome.

ixquick

By the same people who make StartPage, ixquick is pretty much identical except it combines and returns results from several top search engines (instead of just Google) after scrubbing your personal information from the query. Offers advanced search, global search, and power search.

Disk wiping

These apps completely wipe a computer of everything except the operating system. They even remove the footprints left behind by deleted files and leave no proof that they were ever used.

Darik’s Boot and Nuke

dban ss
Erasure software that deletes the contents of all detected hard disks from a bootable USB drive or CD/DVD. Useful if you need to wipe a computer clean before recycling or selling it. Leaves no certifiable proof that the hard drives were wiped. If you need to wipe a solid state drive (SSD), then try DBAN’s sister software, Blancco 5.

OS: Agnostic

Eraser

Even after you delete a file, that empty space left over leaves a footprint. Eraser completely removes selected files from Windows by overwriting it several times with “carefully selected patterns.”

OS: Windows

Intrusion detection

These apps monitor your computer and incoming internet traffic in real time to detect intrusions by hackers and probes.

Snort

snort logo
Open source network intrusion prevention system that performs real-time traffic analysis used, among other things, to detect probes and attacks.

OS: Windows, Linux

OSSEC

Intrusion detection system that performs file integrity monitoring, log monitoring, rootcheck, and process monitoring. Sends alerts via email and the program log.

OS: Windows, MacOSX, Linux

Windows 10 anti-spying

As more and more PC owners make the jump to Windows 10, criticism has surfaced regarding the operating system’s quiet collecting of user activity. Prevent Windows 10 from spying on you and sending information to Microsoft by using these tools.

Spybot Anti-beacon

A lightweight application for disabling any and all tracking features built into Windows 10 that sends usage information to Microsoft. More recently it’s been updated to block Windows 7, 8, and 8.1 tracking as well.

OS: Windows

W10 Privacy

Aggregates several privacy settings in Windows 10 that are normally hidden in multiple, disparate menus into a single place.

OS: Windows

O&O ShutUp10

Similar to W10 privacy in that it aggregates several disparate privacy settings into one place on Windows 10. Does not require installation and runs immediately from the executable file downloaded to your PC.

OS: Windows

Destroy Windows 10 Spying

Like W10 Privacy and O&O ShutUp10, this app lists several Windows 10 privacy settings under three simple tabs: Main, Settings, and Utilities.

OS: Windows

TinyWall

A free lightweight firewall that lets you control the advanced firewall settings built into Windows more easily, plus other added protections. Simple and doesn’t require much technical skill.

OS: Windows

Windows 10 and VPNs

Windows 10 users can add a further layer of anonymity with a VPN. We do have a list of the best VPNs for Windows 10 however none of the free options made our top recommendations. Even so, picking one of the better free VPNs is better than not having one. Head back up to the free VPN section near the top of this article to see some of our preferred options.

Fake/burner email

If you want to send an anonymous email from a fake or temporary account, these apps have your back. Useful to register for one-off online accounts.

Proton Mail

ProtonMail_logo

Switzerland-based end-to-end encrypted email service. Open source, zero-knowledge, donation-based web and mobile apps. Must apply for an invite due to limited server capacity.

Platform: web app, iOS, Android

Zmail

Email software that lets you send emails from fake email addresses. Useful if you don’t want to use your actual email or open your regular email client. It’s also useful for testing email servers.

OS: Windows, MacOSX, Linux

Guerrilla Mail

guerrilla mail ss
Temporary disposable email address service. No registration required. Can be used to register for websites where you don’t want to give out your real email address. It even includes a password manager to help remember the passwords associated with those email addresses.

Social media privacy

Over a billion people have Facebook accounts, but we’re willing to bet only a fraction of them understand the depths of all the privacy settings available to them. These tools help manage and monitor your privacy on the world’s biggest social networks.

Privacy Checkup

A relatively new feature built into Facebook that gives you a sort of interactive tour through the main Facebook privacy settings. To find it, click the lock icon next to your notifications on Facebook’s desktop version. Privacy Checkup is useful, but it still overlooks a couple of important settings and can’t be reached manually on mobile.

Platform: Facebook

Other Mobile Apps

Any mobile apps that we couldn’t categorize into the above groups, we put here. That doesn’t make them any less important, though.

Signal

Encrypted voice calling and instant messaging app for smartphones. All chats, files, photos, and voice calls are encrypted. Users can verify the identity of their correspondents by comparing key fingerprints. During calls, users can check the integrity of the data channel by checking if two words match on both ends of the call.

OS: iOS, Android

LBE Privacy Guard

An Android app that helps you more easily control the granular permissions requested by other apps. It intercepts apps’ vital actions like sending SMS or making phone calls and requests to sensitive information, then asks the user to confirm these actions and requests before continuing. Anything not explicitly OK’ed by the user is rejected.

OS: Android

Other browser extensions

A few more useful browser extensions to make surfing the web more anonymous, secure, and private.

NoScript

Allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice to prevent malicious attacks. Includes a whitelist of trusted sites. Blocked scripts can be unblocked from the status bar at the top of the browser or by right-clicking and selecting the option from the context menu.

Platform: Firefox

ScriptSafe

Similar to NoScript, but for Chrome.

Platform: Chrome

Click&Clean

Chrome extension that checks whether you have enhanced private data protection and will help you to prevent tracking of your online activity. Deletes browsing data when Chrome closes and scans your PC for Malware.

Platform: Chrome

Disconnect

disconnect ss
Disconnect combines a variety of tactics to create a suite of anti-tracking tools. It disables tracking cookies, encrypts browsing data, blocks malware, and anonymizes search queries. A premium version is available that comes with a VPN and some other extras.

Platform: Chrome, Firefox, Safari, Opera, iOS, Android

HTTPS Everywhere

Many websites have HTTP and HTTPS versions of their sites. HTTPS Everywhere forces the latter, more secure versions to load whenever available.

Platform: Chrome, Firefox, Firefox for Android, Opera

DNS

DNS, or domain name systems, are what allow you to type in “comparitech.com” instead of an IP address made up of seemingly random numbers. Default DNS resolvers, however, can be poisoned by hackers, are vulnerable to phishing scams, and can monitor user activity. These alternatives offer a safer solution.

DNS.WATCH

This free DNS resolver promises to never keep logs or censor content. It promises speed on top of privacy.

OpenDNS

Extends the domain name system (DNS) to add phishing protection and content filtering. Despite the name, it is not open-source software.

Google DNS

Alternatively, you can also try out Google’s public DNS service. The procedure for changing your DNS settings varies according to the operating system and version and the device.

OS: Platform agnostic

Other desktop tools

A few final tools for your consideration.

Evernote Encryption

If you’re an Evernote user, you can encrypt notes containing sensitive information. The note title and metadata is not encrypted, only the content. It appears as a lock icon which you click, then type in a password. Unique passwords can be set for each note.

KeyScrambler Personal

Free keyboard encryption software. Should your computer be infected with a keylogger, which records every keystroke and sends what you type to thieves and hackers, this tool scrambles the output so attackers get the indecipherable encrypted text.

Wireshark

wireshark 3
A network protocol analysis tool that can be used to track all traffic to and from a computer. Not a privacy tool in itself, but check out how we used it to find out which country our cloud data is being stored in.

Window Washer

Deletes traces of activity left on your computer and clears up disk space.

OS: Windows

Panopticlick

This simple web-based tool from the Electronic Frontier Foundation analyzes your browser to check for potential privacy vulnerabilities. It checks to see if your browser blocks tracking ads, invisible trackers, and fingerprinting, and will give you a detailed analysis of any that aren’t blocked. We recommend using this after you’ve finished installing the browser extensions on this list.

Platform: Agnostic

Do Not Track

This website lets you know if you’ve enabled anti-tracking settings in your browser. If not, it will direct you to an external website with instructions for how to disable tracking. The Do Not Track registry is sort of like the web version of the United States’ Do Not Call registry. It requests websites not track you by adding an HTTP header to websites you visit.

Platform: Agnostic


Something we missed? Let us know in the comments!