Q&A Is Deleting Cookies the Only Way to Prevent Cookie Theft?

always_forever

Level 1
Jul 1, 2021
26
Hello,

I hope this post finds everyone here well and staying safe.

I'm wondering if there Is any way to prevent passwords from being stolen due to cookie theft apart from deleting all cookies after each browser session?

I know there’s a tradeoff between convenience and security and I’m willing to embrace that…but I work online a lot and having to re-register my PC multiple times every day is draining a lot of precious time.

Is the best way to just delete them or is there another way to prevent this?

There’s a lot of scams in the world these days and I’m doing my best to increase my cybersecurity knowledge and practices…so any insight would be sincerely appreciated!
 
F

ForgottenSeer 85179

With a secure browser stealing cookies mean the attacker have access to your pc. To prevent that, you should harden your setup.

Cookies aren’t your biggest problem. Also enable 2FA where possible
 
  • Like
Reactions: SumTingWong

always_forever

Level 1
Jul 1, 2021
26
Thanks for the reply. What do you consider to be a secure browser setup? I have to use Chrome for work and use Adblock Plus.

What do you mean exactly when you say "harden your setup"? Are you referring to AV software?
 
  • Like
Reactions: SumTingWong

always_forever

Level 1
Jul 1, 2021
26
With a secure browser stealing cookies mean the attacker have access to your pc. To prevent that, you should harden your setup.

Cookies aren’t your biggest problem. Also enable 2FA where possible
Thanks for the reply. What do you consider to be a secure browser setup? I have to use Chrome for work and use Adblock Plus.

What do you mean exactly when you say "harden your setup"? Are you referring to AV software?
 

Lenny_Fox

Level 22
Verified
Oct 1, 2019
1,125
@always_forever
When you are concerned about passwords stored in cookies, why don't you try out a password manager like open source bitwarden? Bitwarden Open Source Password Manager

@SecurityNightmares and @Digmor Crusher
I assume your answers were well intended but reading the reaction of the thread owner, your reactions were not very helpful. I experienced the same when I joined MT. It is not a rant against the two of you, but more of tip to seasoned members. Better provide actionable answers to new members.
 

always_forever

Level 1
Jul 1, 2021
26
@always_forever
When you are concerned about passwords stored in cookies, why don't you try out a password manager like open source bitwarden? Bitwarden Open Source Password Manager

@SecurityNightmares and @Digmor Crusher
I assume your answers were well intended but reading the reaction of the thread owner, your reactions were not very helpful. I experienced the same when I joined MT. It is not a rant against the two of you, but more of tip to seasoned members. Better provide actionable answers to new members.
Thanks for the helpful post. I do use a password manager and hadn't considered that, when doing so, passwords aren't stored in cookies. So perhaps this isn't even a concern!
 
F

ForgottenSeer 85179

Thanks for the reply. What do you consider to be a secure browser setup? I have to use Chrome for work and use Adblock Plus.
Chrome and Edge are secure.
wouldn’t use AdblockPlus for many reasons, like attack surface.

What do you mean exactly when you say "harden your setup"? Are you referring to AV software?
No, AV software aren’t hardening. I mean OS hardening.
take a look at Hard_Configurator from AndyFul
 

always_forever

Level 1
Jul 1, 2021
26
Chrome and Edge are secure.
wouldn’t use AdblockPlus for many reasons, like attack surface.


No, AV software aren’t hardening. I mean OS hardening.
take a look at Hard_Configurator from AndyFul
Got it. What might you use instead of AdblockPlus? uBlock origin? I think everyone needs to use ad blockers these days, right?

I'll take a look at OS hardening. Lots to learn!
 
  • Like
Reactions: ForgottenSeer 85179

Gandalf_The_Grey

Level 50
Verified
Trusted
Content Creator
Apr 24, 2016
3,980
Got it. What might you use instead of AdblockPlus? uBlock origin? I think everyone needs to use ad blockers these days, right?

I'll take a look at OS hardening. Lots to learn!
Instead of AdblockPlus I would certainly use uBlock Origin.
The default settings are fine for most users.
But if you want to experiment and even block more stuff there are some advanced modes to try and they are described in the wiki:
And one of us here made their own version of the medium mode:
 

always_forever

Level 1
Jul 1, 2021
26
Instead of AdblockPlus I would certainly use uBlock Origin.
The default settings are fine for most users.
But if you want to experiment and even block more stuff there are some advanced modes to try and they are described in the wiki:
And one of us here made their own version of the medium mode:
Excellence! I'll switch to uBlock Origin. I didn't know it was more secure or that AdblockPlus wasn't secure.
 
  • Like
Reactions: Gandalf_The_Grey

oldschool

Level 62
Verified
Mar 29, 2018
5,105
Instead of AdblockPlus I would certainly use uBlock Origin.
The default settings are fine for most users.
But if you want to experiment and even block more stuff there are some advanced modes to try and they are described in the wiki:
And one of us here made their own version of the medium mode:
There's also this thread: Browser Add-on - uBlock Origin/Nano Adblocker - User Tips, Questions and Issues Thread
 
  • +Reputation
Reactions: Gandalf_The_Grey

Gandalf_The_Grey

Level 50
Verified
Trusted
Content Creator
Apr 24, 2016
3,980
Excellence! I'll switch to uBlock Origin. I didn't know it was more secure or that AdblockPlus wasn't secure.
Both are secure and reputable extensions.
uBlock Origin is more efficient and blocks more on default settings.
In my opinion it is the best adblocking extension out there.
From its wiki:
An efficient blocker add-on for various browsers. Fast, potent, and lean.

uBlock Origin is NOT an "ad blocker": it is a wide-spectrum blocker -- which happens to be able to function as a mere "ad blocker". The default behavior of uBlock Origin when newly installed is to block ads, trackers and malware sites -- through EasyList, EasyPrivacy, Peter Lowe’s ad/tracking/malware servers, Online Malicious URL Blocklist, and uBlock Origin's own filter lists.
 
F

ForgottenSeer 85179

Gandalf_The_Grey

Level 50
Verified
Trusted
Content Creator
Apr 24, 2016
3,980
I find that a bit extreme.
Of course, limiting third party apps and extensions is preferred for security and privacy, but now you are trusting a third party dns provider.
I don't think a few well-chosen extensions pose a real threat.
 
Top