Font fingerprinting identifies a device by probing which fonts are installed or how text renders at a metric level. The set of installed fonts is shaped by the operating system, installed applications, and user customisation, making it a distinctive signal that varies across devices even when other browser settings are shared.
There are two broad approaches to font fingerprinting. The first probes for the presence or absence of specific fonts by measuring the width or bounding box of text rendered in each candidate font versus a fallback. The second reads low-level text rendering metrics from the canvas or CSS to detect rendering differences even when the font list itself is not directly exposed.
The installed-font set carries identifying information because it reflects the full software history of the device: the base OS installation, productivity suites, design tools, and manually installed fonts all leave distinct traces. Two devices with the same OS version can still differ in their font sets if one has additional software installed.
In doorman-benny
In doorman-benny, font signals feed the browser-level `fingerprint` because text rendering can vary between browser engines on the same machine, making the result engine-bound rather than hardware-bound.
Fonts signal (docs)Frequently asked questions
Can a website see which fonts I have installed?
Not directly, as browsers do not expose a font-list API. Font fingerprinting infers presence indirectly by measuring how text renders in a candidate font versus a known fallback, without the site ever reading the raw font list.
How unique is a font fingerprint?
Font fingerprints are moderately unique but less so than signals like canvas or WebGL. Their value comes from combination with other signals: even a font fingerprint that matches one in a million browsers meaningfully narrows the population when combined with a canvas hash.
Can font fingerprinting be blocked?
Some privacy tools restrict canvas text measurements or return generic fallback metrics. A device that returns only system-default font metrics is itself distinguishable from one that reports a richer set, so blocking often trades one pattern for another.
