About Cookies and Account Security

Written By Frek on Saturday, 26 November 2011 | 00:48

What is Cookies? Cookies are small data stored by your browser provided by the origin web server which will then be sent back to the web server by the browser when you access the website again. It could also be a marker of login account on a website. Could also be a recognition of our machine, eg operating system, browser, etc.. That's why some websites we can recognize the device.

Then what is the problem of security about these cookies? Session hijacking can occur if someone can get cookies from an account. Say a Facebook account, if the cookies we can be known or stolen by others, then we can easily hijack the account. Although cookies have the validation of the time but still dangerous if we are not able to safeguard and secure the well.


Session hijacking use cookies, then inject the content to the browser cookies, and, voilla, directly log into your account on these cookies.

One way to secure cookies is that we must be careful in making connections, let alone on a public hotspot, we do not know if anyone who target package our cookies or not. A tool called wireshark can be used to steal cookies in a network. Thus the notice in which we connect, secure? Are reliable?

In the Firefox browser we can see the cookies stored by, Preferences -> Privacy -> Remove cookies individually. There we could see all the cookies stored on your browser. For Google Chrome, Preference -> Under the Hood -> Content Settings -> All cookies and site data. All cookies are stored can be seen there. Just make sure these cookies that no one steals.

The point is that cookies can be used by hijackers to steal our accounts. Both Facebook account, email or other accounts. It is all because of cookies is also a marker for the data stored login on a website.

0 comments:

Post a Comment