Getting startedUpdated April 22, 2026 · 8 min read

How to access the dark web safely

A practical, step-by-step guide to accessing the dark web with the Tor Browser — desktop and mobile. The settings that actually matter, the mistakes to avoid, and what to do once you're in.

Accessing the dark web is much less complicated than the headlines suggest. You install one piece of software — the Tor Browser — open it, type a .onion address, and you're there. No special configuration, no command line, no levels.

The trickier part is doing it safely: knowing which settings to leave alone, which links to trust, and which mistakes will quietly deanonymise you. This guide walks through the whole process — desktop and mobile — and points out the things that actually matter.

What you need before you start

A computer or phone you trust. The Tor Browser is hardened, but it can't protect you from malware that's already on the device.
A reliable internet connection. Tor works on flaky networks, but the first connection is easier on a stable one.
About five minutes. That's all the actual setup takes.

You do not need a VPN, a special operating system, or any account. Tor is free, anonymous by design, and run by a non-profit.

Step 1 — Download the Tor Browser

Go to torproject.org/download and pick your operating system. The download is offered for Windows, macOS, Linux and Android. On iOS, scroll down to Onion Browser — Apple's browser-engine rules prevent the Tor Project from shipping a true Tor Browser there, so they recommend Onion Browser by Mike Tigas instead.

Only download from torproject.org, or from a mirror the project explicitly endorses. There are dozens of look-alike sites that bundle malware into a fake "Tor" installer. If you searched for "Tor Browser download" and landed on a slick-looking page that isn't on the torproject.org domain, close it.

Step 2 — Verify the download (optional but worth it)

The Tor Project signs every release with a PGP key. If you're comfortable with the command line, the verification instructions take a couple of minutes and confirm that the file you downloaded really came from them. Most users skip this and rely on the HTTPS download alone, which is reasonable for ordinary use.

Step 3 — Install and connect

Run the installer the way you'd install any other application. On first launch, the Tor Browser shows a single button: Connect. Click it. After a few seconds you'll see the welcome page, and you're on the Tor network.

If your country blocks Tor connections, the same screen has a Configure connection option that lets you configure a bridge — a relay that isn't listed publicly, which makes it harder for censors to spot. The Tor Project's bridges page will hand you one if the built-in options don't work.

Step 4 — Visit your first .onion address

The Tor Browser can browse the regular web too, but the dark web lives at addresses ending in .onion. A few safe starting points published by the organisations themselves:

The Tor Project's onion service — 2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion
DuckDuckGo — duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
BBC News — bbcnewsd73hkzno2ini43t4gblxvycyac5aw4gnv7t2rccijh7745uqd.onion

Or just open the dark.cfd directory, pick a category, and copy an address from there — every entry has been cross-checked against the operator's clearnet site.

Doing it on a phone

Android

Install the official Tor Browser from Google Play, F-Droid (via the Guardian Project repo) or directly from torproject.org. The interface is almost identical to the desktop version, with the same Connect button and the same security slider. If you also want to route other apps through Tor, install Orbot — it sets up a system-wide proxy.

iOS

Install Onion Browser from the App Store. It's free, open source, and recommended by the Tor Project. Apple requires every iOS browser to use WebKit, so the experience isn't identical to the desktop Tor Browser, but for reading .onion sites it works well.

Make it actually safe

The Tor Browser ships with sensible defaults. The most useful thing you can do for safety is not change them. Everything below is the rest of the list:

Use the security slider. The shield icon in the toolbar opens it. Standard is fine for most sites; Safer disables JavaScript on non-HTTPS pages and is a good default if you're browsing unfamiliar onion services; Safest disables JavaScript everywhere and breaks a lot of sites, but is the right setting for high-risk reading.
Don't resize the window. The default size is chosen to make your browser fingerprint blend in with everyone else's. Maximising it makes you stand out.
Don't install browser add-ons. Every extension you add is a fingerprint and a potential leak. The Tor Browser already includes NoScript and HTTPS-Everywhere by default.
Don't log into accounts tied to your real identity. Logging into your normal Gmail or Twitter through Tor doesn't anonymise you — it links your real account to your Tor session.
Be careful with downloads. Documents, PDFs and executables can phone home through your normal connection when you open them, leaking your real IP. If you must open a download, do it offline or inside a virtual machine.
Stick to verified addresses. Anyone can stand up an .onion that looks like a real one. Cross-check the address against the operator's clearnet site, a search engine you trust, or this directory.

What about a VPN?

The dark web works perfectly without a VPN. People add one for two reasons: their internet provider is hostile to Tor traffic, or they don't want their provider to see Tor connections at all. If either applies, connect to the VPN first, then launch the Tor Browser. Don't pick a VPN based on a glossy review site — the dark web SEO market is full of affiliate spam. Pick one with a published audit, a clear no-logs policy and a track record.

Common mistakes to avoid

Downloading "Tor" from a search ad. The first ad in a search result is regularly a malware drop. Type the URL by hand.
Pasting .onion links from random Reddit or Telegram posts. Half of them are phishing clones with one character changed.
Trusting any site that asks you to disable the security slider "just to view this page." Close the tab.
Assuming Tor protects you from yourself. Logging in, uploading a document with your real name in the metadata, or buying anything with a payment method tied to you all break the anonymity Tor provides.

Where to go from here

The dark web is mostly mundane — newsrooms, privacy tools, whistleblowing inboxes. Once you're set up, browse the dark.cfd directory for verified addresses, read up on how Tor works if you want to understand what's happening under the hood, or check whether Tor is legal where you live before you spend much time on it.

Frequently asked questions

Do I need a VPN to access the dark web?

Not for the network to work. Tor already encrypts your traffic and hides your IP from the sites you visit. Some users add a VPN so their internet provider doesn't see they're using Tor at all — that's a privacy preference, not a safety requirement. If you do use one, connect to the VPN first, then open the Tor Browser.

Is it safe to access the dark web?

Reading legal content with the Tor Browser at its default settings is about as risky as reading the same content on Chrome. The risk comes from what you do once you're on it: downloading files from anonymous operators, enabling JavaScript on shady pages, or following random links from comment sections. Stick to addresses you can verify and you'll be fine.

Can I access the dark web on my phone?

Yes. On Android, install the official Tor Browser from the Tor Project (available on Google Play and F-Droid). On iOS, the Tor Project recommends Onion Browser by Mike Tigas — Apple's restrictions on alternate browser engines mean there's no Firefox-based Tor Browser on the App Store.

Will my internet provider know I'm on the dark web?

Your provider can usually see that you've connected to the Tor network, but not what you do once you're on it — that's encrypted. If hiding the fact that you use Tor matters (for example, if you live somewhere where Tor is blocked), the Tor Project publishes bridges and pluggable transports that disguise the connection.

How long does it take to set up?

About five minutes. Download the Tor Browser, run the installer, click Connect, and you're on. You don't need to configure anything by hand for normal use.