Homepage

Detect Font Fingerprint

Do I have a font fingerprint spoofer installed in my browser?
Logo

Advertisement

This page shows you the font fingerprint for your browser. This fingerprint is computed by rendering a sample text with a variety of font families. The fingerprint and supported font list are rendered below. Please note that, if you do not have a spoofer mechanism to change (mask) the fingerprint, it should remain fixed whenever you reload/visit this page.

Font Fingerprint & Metrics

Font sizeLoading...
Fingerprint IDLoading...
Test stringLoading...
Font list & metricsLoading...

What is font fingerprinting?

It is a technique used to identify a browser. This method can be used to distinguish a browser, for instance, display personalized advertisements or uniquely identify a browser on the next visit(s) even though a user has no login details available. This technique uses CSS font family to render and style a sample text and then generates a hash code from various metrics derived from the sample text (i.e. bounding box width & height). This metric is computed for a variety of font families and the results are then converted to hash code. Since the printing buffer relies on the browser font rendering capabilities, it provides a pretty good unique id.

How can I protect my browser to prevent font fingerprinting

Some browsers have internal modules where the user can activate to protect against font fingerprinting. Some others do not offer such a capability. In these browsers, you can install a browser extension to simulate the native behavior. A module needs to alter the CSS font property so that the fingerprint data would be altered and not unique. There are two popular methods to achieve this. Some browsers or extensions add random noise (i.e. invisible disturbances to various metrics such as width or height) into the rendered font metrics which would result in an invalid identification hash code. Some others insert these noises in random positions to make sure each fingerprint is different from the previous one. The former method generates a unique id, but this id is "new" and hence browser information is protected. According to our tests, the second method protects the user even more by generating random id on each visit.

If I have font fingerprint protection enabled, is it still possible to identify my browser?

The short answer is Yes, but, it is much harder to identify your browser comparing to when you don't have any protection method. Read below to get more info about browser identification.

There are many methods to identify a browser. The font fingerprinting, however, is not a popular one. There are other popular fingerprinting methods such as Canvas or WebGL which are mostly used in websites. Please navigate this website to get more info about various methods for browser fingerprinting. Note that even if you have the fingerprint protection enabled, still, most likely, it is possible to detect that there is a protection method active.

How is a font fingerprint generated?

In general, there are plenty of methods to generate a font fingerprint. In this website, the width and height for a sample text are used to generate a hash code (fingerprint). This sample text is rendered with a large number of font families, and for each instance, the width and height are extracted from the rendered text on the screen. All these metrics are then fed to an array buffer and the final hash code is generated from the full buffer. According to our study, this method is mostly used in websites to generate font fingerprint, but, as mentioned above, there are other methods to generate font fingerprint, and some might be even more effective than the one we use here.

Related Blog Posts

  1. Privacy Concerns in Browsers: With some extensions spying on people and Firefox getting ads, is there a better browser than others for privacy? Should one use something such as...
  2. The Best Privacy and Security-Focused Web Browsers: The truth is that the web browser which one uses knows a lot about them. For example, it knows which sites one visits. However, the question is which are the best browsers for privacy...