Sandbox: Multiple Profiles / Containers

This is a Premium-only feature, available for purchase within the app. Each Premium feature can be activated forever with a one-time purchase (no subscriptions).

Hermit is the only Android browser with Sandboxes: completely separate Containers that let you use Multiple Profiles. With the Sandbox feature, you can:

• Separate work accounts from personal accounts.
• Create a separate sandboxed environment for privacy-invasive sites like Facebook.
• Use multiple Google accounts, all active at the same time, in the same browser.
• Use Incognito Mode for sites that offer preferential treatment to first-time users (such as free access to paywalled content).

This feature is available on Android 9 Pie and above. Most phones released in the last 3+ years are eligible.

What is a Sandbox?

“Sandbox” is a computer science term for isolating a piece of software so that it can access only certain resources, programs, and files within a computer system. In the context of Web browsers, a sandbox can provide an isolated container for completely independent login sessions, all active at the same time.

How to Use

Each Lite App can run in one of the following sandboxes provided by Hermit.

Default Sandbox

• The primary sandbox, if you don’t choose any other one.
• Available by default to all users (no need to purchase the Sandbox feature).
• Notifications via Feeds and Web Monitors are only available for Lite Apps created in this Sandbox.

Colored Sandboxes — 🔴 🟢 🔵 🟣 🟡

• Each colored Sandbox can contain its own login credentials for each Lite App.
• You can sign in to as many different accounts at the same time as you have Sandboxes.
• Multiple Lite Apps in the same Sandbox that are owned by the same company may be able to share the same session. Note that this is exactly how any other browser works, and Hermit offers an extra level of protection to keep your sessions separate that no other browser offers.

Incognito Mode

• Also sandboxed from all other sandboxes.
• Cookies are automatically deleted and cleared whenever the window is closed.
• Lite Apps that offer benefits to first-time users (such as paywalled content) can be set to always open in Incognito Sandbox so the site cannot track your cookies at all between consecutive visits.

How to Configure

1. Create a New Lite App.
2. Launch your Hermit Lite App.
3. Tap on the Settings button to open the “Quick Settings” sidebar.
4. Within Quick Settings, tap on the “More Settings” button.
5. Tap on a color for the Sandbox.
6. Restart the Lite App when the app prompts you to restart.
7. Swipe away all existing Lite Apps from your phone’s Recent Apps list.
8. Launch the New Lite App from Hermit’s main list of Lite Apps.

Please ensure that you restart all Lite Apps, and swipe them away from Recents. If any existing Lite Apps remain active, the new Lite App may not open in the correct Sandbox.

Currently, there is no way to add a sticker to the Home Screen icon. An interesting work-around is to paste an emoji before or after the name of the Lite App before adding it to the home screen.

Grouping Lite Apps into Sandboxes

Each independent site is always isolated from every other site, in every browser including Hermit, even without the Sandbox feature. E.g. Instagram cannot read LinkedIn’s cookies, and vice versa, nor can either of them read Google’s cookies. This is a basic security measure that the entire Web depends on, and Hermit enforces that strictly.

But, as in other browsers, different sites may decide to share login credentials. E.g. when a site uses Login with Google / Facebook / Apple, they are allowed to have limited access to the account that you signed up with. Otherwise “Login with X” wouldn’t work at all!

In these cases, you will need to keep different Lite Apps in the same Sandbox. E.g. when using Google Login on another site, make sure to keep both the Lite Apps in the same Sandbox. As another example, Facebook and Instagram are from the same company, and if you want to use the same account for both, then you need to keep them both in the same Sandbox.

Frequently Asked Questions

Can two Lite Apps in the same Sandbox share cookies?

No, absolutely not. Just like every other browser, web sites in Hermit CANNOT access each others’ data.

Each web site has access only to its own cookies and its own storage, segregated by its domain name, because that’s how security works on the Web Platform (and has for the last 20+ years). A page from facebook.com cannot access cookies set by another page at, say, reddit.com in any browser.

What about between Two Lite Apps?

Opening two Lite Apps in the same Sandbox is like opening two tabs or two windows in Chrome (or Firefox, or Brave, or any other browser).

So while facebook.com cannot access reddit.com’s cookies, you cannot have two sets of cookies for facebook.com or reddit.com active at the same time. That means you cannot log in to Facebook or Reddit using two accounts at the same time in the same Sandbox.

What about between Two Sandboxes?

Opening two Lite Apps in different Sandboxes is like using two completely independent browsers on Android.

What about Third-Party Cookies?

A third-party server is one that’s used by another web site, e.g. both Facebook and Reddit may use some-ad-server.com. When placed in different Sandboxes, there is also complete separation of third-party cookies, which enhances your privacy even further.

Because of the way the Web works, some-ad-server.com will always have access to its own data, no matter which window or tab or Lite App you are using, but limited to the Sandbox it is in.

What about Other Browsers?

To the best of our knowledge, no other browser currently supports Containers or Profiles on Android.

• Chrome’s Profiles feature is not supported on Android.
• Firefox’s Containers feature is also not supported on Android.

• Brave, Vivaldi, Kiwi, Bromite, and all other Chromium variants simply mimic the same default config that Chrome offers, and do not offer any notion of Sandboxes or Profiles or Containers.

• BEWARE: there is an open-source app, “WebApps Sandboxed Browser”, that claims to offer sandboxing, but their implementation is flawed and does not, in fact, sandbox your web apps. Please read our published analysis, or test it yourself.

If you know of any other browser that supports Sandboxes on Android, we’d love to hear about it!