Menu
Batten down the hatches in Firefox
To open Firefox's privacy options, click the settings icon in the top-right corner of the browser window (the icon has three horizontal lines). Choose Options in the drop-down menu, or press the Alt key and type T, 0. Click the Privacy tab, select the drop-down menu under History, and choose "Use custom settings for history." This brings the browser's history settings into view.
The first option in the History section lets you set privacy mode as your default for all browsing. Remember that privacy mode prevents a record of your Web activity from being saved on your local machine. It doesn't affect the information you share with the sites you visit and the third parties those sites contract with.
If you wish, you can uncheck the two options that allow Firefox to remember your browsing and download history, and your search and forms history. Personally, I leave these settings checked because the convenience of keeping a record is greater for me than the risk of a party gaining access to and misusing this information.
Give third-party cookies the boot
To keep sites and their partners from tracking you, click the drop-down menu next to "Accept third-party cookies" and choose Never. Next, click the drop-down menu next to "Keep until" and choose "I close Firefox."
The first option in the History section lets you set privacy mode as your default for all browsing. Remember that privacy mode prevents a record of your Web activity from being saved on your local machine. It doesn't affect the information you share with the sites you visit and the third parties those sites contract with.
If you wish, you can uncheck the two options that allow Firefox to remember your browsing and download history, and your search and forms history. Personally, I leave these settings checked because the convenience of keeping a record is greater for me than the risk of a party gaining access to and misusing this information.
Give third-party cookies the boot
To keep sites and their partners from tracking you, click the drop-down menu next to "Accept third-party cookies" and choose Never. Next, click the drop-down menu next to "Keep until" and choose "I close Firefox."
The option in the Tracking section of the Firefox Privacy settings to "Tell sites that I do not want to be tracked" is not honored by all Web trackers, so the setting's effectiveness is uncertain. For what it's worth, I retain the default option not to tell sites anything about my tracking preferences.
When you block third-party cookies, you'll still be tracked by the sites you visit, most of which require cookies to be enabled to function properly. Even deleting all cookies when you exit doesn't prevent a record of your browsing to be recorded by the sites you frequent. They keep a record of your activities on their servers, so they remember you as soon as you sign in.
Keep Firefox's built-in security protections enabled
Under the Security tab in the Firefox options dialog, the settings to warn when sites try to install add-ons, block reported attack sites, and block reported Web forgeries are selected by default. The Mozilla support site provides more information about these security features.
Also on by default is the option to remember passwords for sites. I tend not to let Firefox save my passwords, but for many people, the hassle of remembering a different password (and user ID) for each site they visit is greater than the risk posed by someone gaining access to their stored passwords.
The Mozilla support site explains in detail the various privacy and security settings in Firefox. One of the articles on the site describes how to prevent Firefox from automatically making connections without your permission. While most of the automatic connections made by the browser are beneficial, some may be made by malware that has hijacked Firefox. Mozilla support recommends that you search various online forums for information on removing the malware.
When you block third-party cookies, you'll still be tracked by the sites you visit, most of which require cookies to be enabled to function properly. Even deleting all cookies when you exit doesn't prevent a record of your browsing to be recorded by the sites you frequent. They keep a record of your activities on their servers, so they remember you as soon as you sign in.
Keep Firefox's built-in security protections enabled
Under the Security tab in the Firefox options dialog, the settings to warn when sites try to install add-ons, block reported attack sites, and block reported Web forgeries are selected by default. The Mozilla support site provides more information about these security features.
Also on by default is the option to remember passwords for sites. I tend not to let Firefox save my passwords, but for many people, the hassle of remembering a different password (and user ID) for each site they visit is greater than the risk posed by someone gaining access to their stored passwords.
The Mozilla support site explains in detail the various privacy and security settings in Firefox. One of the articles on the site describes how to prevent Firefox from automatically making connections without your permission. While most of the automatic connections made by the browser are beneficial, some may be made by malware that has hijacked Firefox. Mozilla support recommends that you search various online forums for information on removing the malware.
Put Firefox's Site ID button to work for you
On the far left of the Firefox address bar is the Site Identity Button intended to indicate at a glance that the connection to the site is encrypted, and that the site itself has been verified. Click the icon to view information about the current site and connection.
A gray globe is shown when the site hasn't provided any identifying information and the connection is unencrypted or only partially encrypted, but the site itself doesn't ask you to share any "sensitive" information.
An orange warning triangle is displayed when the site doesn't supply identifying information and doesn't use a completely encrypted connection, but you've shared some sensitive information with the site previously despite the risks.
A gray padlock indicates that the site's identity has been verified and the site uses an encrypted connection, but the actual ownership of the domain has not been verified. There's no guarantee that the party who owns the domain is the actual company the domain purports to be.
Finally, a green padlock appears when the site uses an Extended Validation certificate that verifies that "paypal.com" is actually owned and operated by PayPal, for example.
On the far left of the Firefox address bar is the Site Identity Button intended to indicate at a glance that the connection to the site is encrypted, and that the site itself has been verified. Click the icon to view information about the current site and connection.
A gray globe is shown when the site hasn't provided any identifying information and the connection is unencrypted or only partially encrypted, but the site itself doesn't ask you to share any "sensitive" information.
An orange warning triangle is displayed when the site doesn't supply identifying information and doesn't use a completely encrypted connection, but you've shared some sensitive information with the site previously despite the risks.
A gray padlock indicates that the site's identity has been verified and the site uses an encrypted connection, but the actual ownership of the domain has not been verified. There's no guarantee that the party who owns the domain is the actual company the domain purports to be.
Finally, a green padlock appears when the site uses an Extended Validation certificate that verifies that "paypal.com" is actually owned and operated by PayPal, for example.