Jump to content

secure cookies

Guest 4eyes

By Guest 4eyes
in Windows XP

 Share

Recommended Posts

Guest 4eyes

Guest 4eyes

Posted
Posted

Everytime I log onto my financial institution's website, I must verify my

identy. The FAQ's say that this is because I am deleting the secure cookie

from my browser. This even occurs if i log out and log back in moments

later. I have added the bank to my trusted sites, but the problem is still

there. How can I keep these cookies from being deleted?

--

4i''''''''s

  • Replies 9
  • Created
  • Last Reply

Popular Days

Popular Days

Guest R. McCarty

Guest R. McCarty

Posted
Posted

Re: secure cookies

 

Do you have Security program that is "Silently" processing cookies ?

Cookies once set, should persist unless you use a scanning tool such

as Ad-Aware or others that marks some cookies as a threat.

 

One solution, is to override IE's (Assuming IE) automatic handling of

cookies. I generally use "Prompt" for 1st-Party cookies and a global

block of all 3rd-Party cookies. Using prompt you can over time build

up a table of those sites you want to allow to set a cookie.

 

IE, Tools, Internet Options, Privacy - is where you'll find the control

settings for Cookies.

 

"4eyes" <4eyes@discussions.microsoft.com> wrote in message

news:C174BE07-66AC-4A87-AC12-A0333A9C5D47@microsoft.com...

> Everytime I log onto my financial institution's website, I must verify my

> identy. The FAQ's say that this is because I am deleting the secure

> cookie

> from my browser. This even occurs if i log out and log back in moments

> later. I have added the bank to my trusted sites, but the problem is

> still

> there. How can I keep these cookies from being deleted?

> --

> 4i''''''''s

Guest GHalleck

Guest GHalleck

Posted
Posted

Re: secure cookies

 

 

4eyes wrote:

> Everytime I log onto my financial institution's website, I must verify my

> identy. The FAQ's say that this is because I am deleting the secure cookie

> from my browser. This even occurs if i log out and log back in moments

> later. I have added the bank to my trusted sites, but the problem is still

> there. How can I keep these cookies from being deleted?

 

There might be several options built into the web browser that is being

used that will allow some cookies to persist. It might mean juggling the

security settings or making sure that the proper certificates exist. But

one really needs to wonder why cookies are being used in the first place

since many people do not necessarily log in from the same computer all

of the time, for instance. Is the bank log on set automatically? If so,

then don't do it and make it a practice to log on de novo each time.

The bank I use certainly does not leave cookies around or uses them

for all of the electronic banking that I do nor have I had any issues

with it since my cookies are scrubbed daily, in any event.

Guest 4eyes

Guest 4eyes

Posted
Posted

Re: secure cookies

 

I'll give it a try.

--

4i''''''''s

 

 

"R. McCarty" wrote:

> Do you have Security program that is "Silently" processing cookies ?

> Cookies once set, should persist unless you use a scanning tool such

> as Ad-Aware or others that marks some cookies as a threat.

>

> One solution, is to override IE's (Assuming IE) automatic handling of

> cookies. I generally use "Prompt" for 1st-Party cookies and a global

> block of all 3rd-Party cookies. Using prompt you can over time build

> up a table of those sites you want to allow to set a cookie.

>

> IE, Tools, Internet Options, Privacy - is where you'll find the control

> settings for Cookies.

>

> "4eyes" <4eyes@discussions.microsoft.com> wrote in message

> news:C174BE07-66AC-4A87-AC12-A0333A9C5D47@microsoft.com...

> > Everytime I log onto my financial institution's website, I must verify my

> > identy. The FAQ's say that this is because I am deleting the secure

> > cookie

> > from my browser. This even occurs if i log out and log back in moments

> > later. I have added the bank to my trusted sites, but the problem is

> > still

> > there. How can I keep these cookies from being deleted?

> > --

> > 4i''''''''s

>

>

>

Guest 4eyes

Guest 4eyes

Posted
Posted

Re: secure cookies

 

The logon is not automatic, but I have to go through the security questions

before I can conduct any business (pay bills, transfer money, etc).

--

4i''''''''s

 

 

"GHalleck" wrote:

>

> 4eyes wrote:

>

> > Everytime I log onto my financial institution's website, I must verify my

> > identy. The FAQ's say that this is because I am deleting the secure cookie

> > from my browser. This even occurs if i log out and log back in moments

> > later. I have added the bank to my trusted sites, but the problem is still

> > there. How can I keep these cookies from being deleted?

>

> There might be several options built into the web browser that is being

> used that will allow some cookies to persist. It might mean juggling the

> security settings or making sure that the proper certificates exist. But

> one really needs to wonder why cookies are being used in the first place

> since many people do not necessarily log in from the same computer all

> of the time, for instance. Is the bank log on set automatically? If so,

> then don't do it and make it a practice to log on de novo each time.

> The bank I use certainly does not leave cookies around or uses them

> for all of the electronic banking that I do nor have I had any issues

> with it since my cookies are scrubbed daily, in any event.

>

Guest Ghostrider

Guest Ghostrider

Posted
Posted

Re: secure cookies

 

 

4eyes wrote:

> The logon is not automatic, but I have to go through the security questions

> before I can conduct any business (pay bills, transfer money, etc).

 

So long as you can log on and perform the activities you want to do,

under SECURE conditions, then don't worry about cookies. Consider the

action of going through the security questions as an additional check

on security. Yes, cookies might eliminate this but is it really worth

it?

Guest +Bob+

Guest +Bob+

Posted
Posted

Re: secure cookies

 

On Sun, 22 Jul 2007 18:12:29 -0700, GHalleck

<ghalleck@arrakian.mining.com> wrote:

>But

>one really needs to wonder why cookies are being used in the first place

>since many people do not necessarily log in from the same computer all

>of the time, for instance. Is the bank log on set automatically? If so,

>then don't do it and make it a practice to log on de novo each time.

>The bank I use certainly does not leave cookies around or uses them

>for all of the electronic banking that I do nor have I had any issues

>with it since my cookies are scrubbed daily, in any event.

 

Many banks are using cookies to determine if that computer has

successfully logged into that account before. If they don't detect

that you've been there from that specific computer, they give you

additional security questions on the way in.

 

Whether this is more or less secure is debatable but it seems to be a

growing trend.

Guest +Bob+

Guest +Bob+

Posted
Posted

Re: secure cookies

 

On Sun, 22 Jul 2007 22:45:43 -0700, Ghostrider <-00-@fitron.142>

wrote:

>So long as you can log on and perform the activities you want to do,

>under SECURE conditions, then don't worry about cookies. Consider the

>action of going through the security questions as an additional check

>on security. Yes, cookies might eliminate this but is it really worth

>it?

 

My username, my password, they check to make sure it's a machine that

has logged into that account before with the cookie; I'd consider it

an annoyance, not a feature.

Guest Bob I

Guest Bob I

Posted
Posted

Re: secure cookies

 

 

 

+Bob+ wrote:

> On Sun, 22 Jul 2007 22:45:43 -0700, Ghostrider <-00-@fitron.142>

> wrote:

>

>

>>So long as you can log on and perform the activities you want to do,

>>under SECURE conditions, then don't worry about cookies. Consider the

>>action of going through the security questions as an additional check

>>on security. Yes, cookies might eliminate this but is it really worth

>>it?

>

>

> My username, my password, they check to make sure it's a machine that

> has logged into that account before with the cookie; I'd consider it

> an annoyance, not a feature.

>

 

Given the number of phishing attacks, having the cookie missing

indicates that additional security questions should be processed. If the

cookie exists then the assumption is made that this is the real user and

not the result of someone entering phished info.

Guest 4eyes

Guest 4eyes

Posted
Posted

Re: secure cookies

 

Your suggestion worked. It takes a little longer not using IE's automatic

cookie handling feature, but I'll put up with it. Maybe after a while I'll

be able to go back to automatic?

--

4i''''''''s

 

 

"R. McCarty" wrote:

> Do you have Security program that is "Silently" processing cookies ?

> Cookies once set, should persist unless you use a scanning tool such

> as Ad-Aware or others that marks some cookies as a threat.

>

> One solution, is to override IE's (Assuming IE) automatic handling of

> cookies. I generally use "Prompt" for 1st-Party cookies and a global

> block of all 3rd-Party cookies. Using prompt you can over time build

> up a table of those sites you want to allow to set a cookie.

>

> IE, Tools, Internet Options, Privacy - is where you'll find the control

> settings for Cookies.

>

> "4eyes" <4eyes@discussions.microsoft.com> wrote in message

> news:C174BE07-66AC-4A87-AC12-A0333A9C5D47@microsoft.com...

> > Everytime I log onto my financial institution's website, I must verify my

> > identy. The FAQ's say that this is because I am deleting the secure

> > cookie

> > from my browser. This even occurs if i log out and log back in moments

> > later. I have added the bank to my trusted sites, but the problem is

> > still

> > there. How can I keep these cookies from being deleted?

> > --

> > 4i''''''''s

>

>

>

 Share
Go to topic listing
×
×
  • Create New...