Tor Browser Security Slider: Standard, Safer, and Safest Compared

What the Tor Browser shield menu actually changes between Standard, Safer, and Safest, and when you should care about the difference.

The shield icon in the top right of the Tor Browser opens a menu with three security levels: Standard, Safer, and Safest. Most users glance at it once during setup, leave it on Standard, and never think about it again. That is the default for a reason, but it is also the wrong choice for anyone using Tor to reach a privacy-sensitive site. This page walks through what each setting actually disables, what you lose at each step, and which one to pick for which kind of session.

What the slider really controls

The slider controls the browser's attack surface. The Tor Browser is built on Firefox, and Firefox supports a long list of features that have historically been used to fingerprint users, run code in unexpected places, or break out of the browser sandbox. The slider exposes a coarse-grained switch over the most commonly abused features. It does not change anything about the Tor network itself; it only changes what the browser does with the pages it loads.

Standard: maximum compatibility

JavaScript is enabled. Web fonts load. WebGL works. Most websites render the way their designers expected. The downside is the same: every JavaScript-heavy attack surface that exists on the wider web is exposed here too. For casual reading of clearnet news through Tor, Standard is fine. For anything involving an account, a balance, or a transaction, Standard is too permissive.

Safer: a sensible middle

JavaScript is disabled on non-HTTPS sites, audio and video do not autoplay, some fonts and math glyphs are turned off. The browser still loads most pages competently, and most modern HTTPS sites still work. Safer is the right choice for users who want a noticeable safety upgrade without breaking too many sites.

The thing to know about Safer is that it does not protect you on HTTPS sites that run JavaScript. The Tor Browser threat model assumes any JavaScript could be hostile, even on an HTTPS site, because Tor users disproportionately attract that interest. Safer reduces the surface but does not close it.

Safest: the privacy-first setting

JavaScript is disabled on every site by default. WebGL, math glyphs, and most non-essential browser features are off. Audio and video require an explicit click. Some sites will not render fully, especially ones that built their layout around scripts running.

Safest is the right setting for any session involving a Tor hidden service, a wallet, a marketplace, or any account you want to keep separate. The trade is that some clearnet sites will look broken; that is the cost of removing the largest browser attack surface. Hidden services worth using are designed to work cleanly at Safest, because their operators know their users will be on it.

The practical rule

The single most useful habit is: when you open the Tor Browser to do anything that matters, the first thing you do is set the shield to Safest. Not "if you remember." Always. Standard exists for the rare case when you need a clearnet site to function and you do not care about the exposure for that session.

Hidden service users have an even simpler rule. The marketplaces, forums, and directories that people actually visit through Tor publish themselves as Safest-compatible. If a site demands you enable scripting "to view the menu," treat it as a smell. Real privacy-focused services do not make that trade.