Browser fingerprinting accounts for ~70% of account correlation detections — yet most people only rotate IPs.
The 3 Layers of Browser Identity
- IP layer — easy to change with a VPN
- HTTP headers — easy to spoof
- Fingerprint layer (Canvas, WebGL, fonts, AudioContext) — hard to fake
What Gets Collected
Canvas fingerprinting: GPU renders invisible graphics; output hash is unique per hardware combo.
WebGL fingerprinting: Exposes GPU renderer/vendor strings unique to your hardware.
Font enumeration: Installed font list differs between OS and machines.
WebRTC local IP leak: Even behind a proxy, leaks your LAN IP — constant across sessions.
Why Multi-Account Setups Get Caught
Same canvas hash + same WebRTC LAN IP + same fonts = platforms know it's one person, regardless of proxy rotation. Incognito mode and separate Chrome profiles don't help.
The Fix: Complete Profile Isolation
I use FireKey for this — free open beta, each profile gets a completely isolated fingerprint identity. No VPS required.
Test Your Fingerprint
→ https://coveryourtracks.eff.org/
Written from a FireKey isolated browser environment.
Top comments (0)