7
The moment I realized I'd been clicking 'remember this device' for years
I was at a coffee shop in Portland last Tuesday, logging into my email on a public wifi. I clicked 'remember this device' without even thinking, same as I always do. Then I got up to grab my drink and saw a guy three tables over typing on a laptop with a massive antenna plugged into it. It hit me like a ton of bricks. He could have been sniffing cookies or session tokens the whole time. How do you guys handle saved logins on public networks without going crazy?
3 comments
Log in to join the discussion
Log In3 Comments
amyh1211d ago
That story about the guy with the antenna really got to me... it's one of those things you never think about until someone points it out. I remember last year I was working from a library and saw someone running Wireshark on an old laptop. Made me realize how many times I've just blithely clicked "remember" on airport terminals and hotel business centers without a second thought. The whole thing with the browser fingerprinting too... I had no idea those cookies weren't actually tied to my device. Makes me wonder how many old logins are just floating around out there with my name on them. I've started using a separate browser just for public wifi now, but I still forget sometimes.
7
wells.christopher11d ago
Switched to a separate browser just for login-only tasks on public wifi and it cleaned up most of my paranoia. Pair that with a browser extension that nukes cookies whenever I close that window and the problem mostly solves itself. Still gives me the creeps thinking about all those old sessions though.
5
wells.christopher11d ago
Funny you mention that because what really gets me is how many of those "remember this device" cookies aren't even tied to the device itself. They're tied to the browser profile. So if someone clones your browser fingerprint or steals your cookies they can just replay that token from anywhere. I actually checked mine once and found like 40 logged in sessions from computers I hadn't used in years. Just sitting there. No one talks about the device fingerprint angle.
4