How to Use Tor Browser
A beginner's guide to anonymous browsing.
Tor Browser is the most widely used tool for accessing the internet anonymously. Whether you are a journalist protecting sources, a researcher studying the dark web, an activist in a censored country, or simply someone who values privacy, this guide will walk you through everything you need to get started.
Step 1: Download Tor Browser
The single most important rule: always download Tor Browser from the official source.
- Official website: https://www.torproject.org
- Available for: Windows, macOS, Linux, and Android.
Choosing Your Platform
| Platform | File Type | Notes |
|---|---|---|
| Windows | .exe installer | Works on Windows 10 and later |
| macOS | .dmg disk image | Works on macOS 10.15+ |
| Linux | .tar.xz archive | Extract and run; no installation needed |
| Android | APK via Google Play | Search "Tor Browser" by The Tor Project |
| iOS | Not available | Use Onion Browser (open-source alternative) |
Step 2: Verify the Download (Recommended)
Verifying your download ensures the file has not been tampered with. The Tor Project provides signature files for every release.
- Download the Tor Browser installer and its corresponding
.ascsignature file from the same page. - Import the Tor Browser Developers signing key:
gpg --auto-key-locate nodefault,wkd --locate-keys [email protected]
- Verify the signature:
gpg --verify tor-browser-linux-x86_64-14.0.tar.xz.asc tor-browser-linux-x86_64-14.0.tar.xz
- Look for
Good signature from "Tor Browser Developers"in the output.
Step 3: Install and Launch
Windows
- Run the downloaded
.exefile. - Choose your language and installation directory.
- Click Install and then Finish.
- Launch Tor Browser from the Start menu or desktop shortcut.
macOS
- Open the
.dmgfile. - Drag the Tor Browser icon to your Applications folder.
- Open Tor Browser from Applications. On first launch, macOS may warn you about an unidentified developer โ go to System Settings > Privacy & Security and click Open Anyway.
Linux
- Extract the
.tar.xzarchive:
tar -xf tor-browser-linux-x86_64-14.0.tar.xz
- Navigate into the extracted directory:
cd tor-browser
- Run the browser:
./start-tor-browser.desktop
Step 4: First Connection
When you launch Tor Browser for the first time, you will see a connection screen with two options:
- Connect โ Use this if you have unrestricted internet access. Tor Browser will connect to the Tor network directly. This works for most users in most countries.
- Configure Connection โ Use this if your internet is censored, filtered, or you are connecting through a restrictive firewall (see Step 6 on bridges below).
Click Connect. The browser will take a moment to establish a circuit through the Tor network. Once connected, you will see the Tor Browser home page confirming a successful connection.
Verifying Your Connection
Visit https://check.torproject.org to confirm that your traffic is being routed through Tor. The page will display a message confirming whether your browser is configured to use Tor.
Step 5: Configure Security Settings
Tor Browser has a built-in Security Level feature accessible from the shield icon in the toolbar (or via Settings > Privacy & Security > Security Level). There are three levels:
Standard
- All browser features are enabled.
- Best for general browsing where you need full website functionality.
- JavaScript is enabled on all sites.
Safer
- JavaScript is disabled on non-HTTPS sites.
- Some fonts and math symbols are disabled.
- Audio and video media require click-to-play.
- A good balance between security and usability.
Safest
- JavaScript is disabled on all sites.
- Some images, fonts, and icons are disabled.
- Only static content will load properly.
- Maximum security, but many websites will break.
| Security Level | JavaScript | Media | Use Case |
|---|---|---|---|
| Standard | All sites | Auto-play | General browsing |
| Safer | HTTPS only | Click-to-play | Recommended default |
| Safest | Disabled | Restricted | High-security research |
Step 6: Using Bridges for Censored Regions
If you are in a country where Tor is blocked (China, Russia, Iran, and others), you need bridge relays. Bridges are unlisted Tor entry points that are harder for censors to detect and block.
How to Configure Bridges
- Open Tor Browser and go to Settings > Connection.
- Under Bridges, toggle on Use a bridge.
- Choose one of the following options:
Select a built-in bridge:
- obfs4 โ The most widely used pluggable transport. Recommended as a first choice.
- Snowflake โ Uses WebRTC to disguise Tor traffic as ordinary video calls. Good for heavily censored environments.
- meek-azure โ Routes traffic through Microsoft Azure to disguise it as ordinary cloud traffic. Slower but effective.
Request a bridge from torproject.org:
- Visit https://bridges.torproject.org from a non-censored connection (or ask someone you trust to get bridges for you).
- Enter the provided bridge lines into Tor Browser's settings.
Essential Do's and Don'ts
Getting the software right is only half the battle. Your behavior while using Tor Browser matters just as much. Here are the rules that will keep you safe:
Do
- Keep Tor Browser updated. Updates fix security vulnerabilities. Enable automatic updates in settings.
- Use HTTPS whenever possible. Tor encrypts traffic within its network, but the exit node to the destination site is unencrypted unless the site uses HTTPS. Look for the padlock icon.
- Use the Safest or Safer security level for sensitive browsing.
- Close Tor Browser when finished. This clears your session data automatically.
- Use
.onionversions of sites when available. These provide end-to-end encryption within the Tor network and do not use exit nodes. Find verified links on Deepr or in our curated .onion directory. - Verify
.onionaddresses carefully. Phishing sites with similar-looking addresses are common on the dark web. Use Deepr or other link verification tools to confirm addresses.
Don't
- Don't maximize the browser window. Tor Browser starts in a specific window size to prevent fingerprinting. Resizing it reveals your screen resolution, which can help identify you.
- Don't install additional extensions. Tor Browser comes with the extensions it needs (NoScript, for example). Adding extensions can create unique fingerprints that compromise your anonymity.
- Don't open downloaded files while connected to Tor. Files (especially PDFs and Office documents) can contain resources that connect to the internet outside of Tor, revealing your real IP address.
- Don't use Tor for torrenting. Torrent clients often leak your real IP address despite proxy settings. It also puts excessive strain on the Tor network.
- Don't log into personal accounts. Logging into your real Gmail, Facebook, or bank account while using Tor links your identity to your Tor session, defeating the purpose of anonymity.
- Don't use your real name or personal information. Anything that can identify you should be kept separate from your Tor browsing.
- Don't assume you are invincible. Tor provides strong anonymity, but poor operational security can still compromise you. Anonymity is a practice, not a switch. Read our guide on how to stay anonymous online for best practices.
Understanding the New Identity Feature
Tor Browser includes a New Identity feature (accessible from the broom icon in the toolbar or via Ctrl+Shift+U). This:
- Closes all open tabs and windows.
- Clears all session data (cookies, history, cache).
- Builds a new Tor circuit with different relays.
Use New Identity whenever you want to start a completely fresh session โ for example, when switching between different research topics that you do not want linked to each other.
There is also a New Circuit for this Site option (Ctrl+Shift+R), which changes the Tor circuit for the current site without clearing your entire session. This is useful if a site is loading slowly due to a poor relay connection.
What Tor Browser Does Not Protect Against
Tor Browser is a powerful privacy tool, but it has limitations:
- Malware โ Tor does not protect you from downloading malicious software. Use common sense and avoid downloading files from untrusted sources.
- End-to-end timing attacks โ A powerful adversary who can observe both your traffic entering the Tor network and the traffic leaving it can potentially correlate them. This is a theoretical risk for most users but a real concern for high-value targets.
- Compromised exit nodes โ When visiting non-
.onionsites, the exit node can see your unencrypted traffic. Always use HTTPS. - Browser exploits โ Like any browser, Tor Browser can have zero-day vulnerabilities. Keeping the Safest security level minimizes this risk by disabling JavaScript.
Next Steps
Now that you have Tor Browser set up, you might want to explore:
- What Is the Dark Web? โ Understand what you are looking at.
- VPN vs Tor โ Should you use a VPN alongside Tor?
- Is the Dark Web Illegal? โ Know the law before you browse.
- How to Access the Dark Web โ Our comprehensive deep-dive guide.
- Tails OS for the Dark Web โ Take your security further with a dedicated operating system.
- Deepr โ Dark web search engine and link directory with community votes and live status (open in Tor Browser).
- Best Onion Links 2026 โ Curated directory of verified .onion sites to explore.
