About

Every browser transmits a composite signal - a fingerprint assembled from canvas rendering, WebGL renderer strings, AudioContext oscillator output, screen geometry, timezone offset, installed plugins, and language headers. Research from the EFF's Panopticlick project demonstrates that the combination of these factors uniquely identifies over 94% of browsers without any cookies. This tool quantifies that exposure. It probes 14 distinct fingerprint vectors, computes Shannon entropy H for each, and returns a weighted composite anonymity score from 0 (fully exposed) to 100 (effectively anonymous). No data leaves your machine. All analysis executes client-side.

Misconfigured privacy settings create a false sense of security. A user who blocks cookies but leaks a WebRTC local IP, runs a rare screen resolution, and permits canvas readout is more identifiable than one who accepts cookies on a common configuration. This tool surfaces those blind spots. Note: scores approximate real-world trackability. Actual fingerprint databases (e.g., FingerprintJS) may use additional signals not testable in a single-page context.

Formulas

The composite anonymity score combines per-factor scores using a weighted arithmetic mean. Each factor f_i receives a score from 0 to 100 based on how common or protected the detected value is.

S = n∑i=1 w_i ⋅ f_in∑i=1 w_i

Where S is the final anonymity score, w_i is the weight for factor i, and f_i is the individual factor score. Shannon entropy for a fingerprint vector is computed as:

H = − n∑i=1 p(x_i) ⋅ log₂ p(x_i)

Where p(x_i) represents the probability of a given value occurring in the general population. Higher entropy means the value is more common (better for anonymity). Lower entropy indicates a rare, identifying value. Per-factor scores map detected values against known population distributions - common values score near 100, rare values score near 0.

Reference Data

Privacy Factor	Detection Method	Risk If Exposed	Mitigation	Weight
User-Agent String	navigator.userAgent parsing	OS, browser, version revealed	UA spoofing extension	8%
Canvas Fingerprint	2D canvas text rendering hash	GPU/font stack uniquely identified	CanvasBlocker addon	12%
WebGL Renderer	WEBGL_debug_renderer_info	Exact GPU model exposed	Disable WebGL or spoof	10%
AudioContext	OscillatorNode output hash	Audio stack fingerprint	Tor Browser blocks this	8%
Screen Resolution	screen.width × screen.height	Rare resolutions are unique	Resize browser window	7%
Timezone Offset	Date.getTimezoneOffset()	Narrows geolocation	VPN + timezone spoof	5%
Language Headers	navigator.languages array	Locale combination is identifying	Set single common language	5%
WebRTC Leak	RTCPeerConnection ICE candidates	Local/public IP exposed	Disable WebRTC or use extension	12%
Do Not Track	navigator.doNotTrack	Paradoxically increases uniqueness	Match majority setting	3%
Cookie Support	navigator.cookieEnabled	Blocking is minority behavior	Allow but auto-clear	3%
Hardware Concurrency	navigator.hardwareConcurrency	CPU core count narrows device	Cannot easily spoof	5%
Device Memory	navigator.deviceMemory	RAM class narrows device	Tor Browser masks this	4%
Platform	navigator.platform	OS family revealed	UA spoofing	5%
Installed Plugins	navigator.plugins.length	Plugin set is rare	Use browser with no plugins	4%
Touch Support	maxTouchPoints + ontouchstart	Distinguishes mobile from desktop	Cannot spoof easily	3%
Color Depth	screen.colorDepth	Most are 24-bit; outliers stand out	Standard display	2%
PDF Viewer	navigator.pdfViewerEnabled	Minority signal if disabled	Keep default	2%
Math Constants	Math.tan/Math.log quirks	Engine-specific float rounding	Tor Browser normalizes	2%

Frequently Asked Questions

Only approximately 12-15% of browsers send the DNT header. By enabling it, you join a minority group, which paradoxically makes your browser more distinguishable. The anonymity-optimal choice is to match the majority - currently, leaving DNT unset.

The browser renders a specific string with emoji and complex glyphs onto a hidden canvas element. Due to differences in GPU hardware, driver versions, font rendering engines, and anti-aliasing algorithms, the resulting pixel data varies subtly between systems. Hashing the pixel output (via toDataURL) produces a near-unique identifier. This test does not require cookies or any stored data.

No. A VPN masks your IP address but does not affect browser fingerprinting vectors such as canvas rendering, WebGL renderer strings, screen resolution, timezone, or language headers. A VPN combined with the Tor Browser (which normalizes most fingerprint surfaces) approaches maximum anonymity. Using a VPN with a stock Chrome install still exposes 13+ identifying vectors.

As of 2024, 1920×1080 remains the most common desktop resolution at roughly 22% global share, followed by 1366×768 at approximately 14%. Using either of these maximizes your screen resolution anonymity factor. Resolutions like 2560×1600 or ultrawide 3440×1440 are used by under 1% of users and are highly identifying.

No. Every probe runs entirely in your browser using native JavaScript APIs. No network requests are made. No data is transmitted. The anonymity score and all intermediate results exist only in your browser's memory and optionally in localStorage for persistence across sessions. You can verify this by monitoring the Network tab in DevTools.

Modern browsers (Firefox 86+, Safari) have restricted WebRTC IP exposure by default behind permission prompts or mDNS obfuscation. Chrome still exposes local IPs through ICE candidates in most configurations. If the test finds no candidates, your browser either blocks WebRTC enumeration natively or an extension is intervening. The score reflects what was actually detectable.

This tool tests 14-18 common vectors. Commercial services like FingerprintJS Pro use 70+ signals including font enumeration, WebGL parameter dumps, CSS feature queries, and behavioral biometrics. This tool provides a strong approximation of your exposure surface. A score of 80+ here correlates well with low identifiability, but a truly determined tracker with server-side enrichment may still narrow identification further.