Cookies
I want to view the userid and password information which are stored in Cookies but i didnt fine it where it was and by which extension. can any 1 help me in this matter?
Software/Hardware used:
Software/Hardware used:
ASKED:
March 4, 2008 7:14 AM
UPDATED:
March 4, 2008 3:13 PM
RELATED QUESTIONS
Answer Wiki:
Sensitive information which is stored in cookies is typically stored encrypted so that it can not be viewed by others. However, this is a best practice and not always a reality becasue unfortunately some web developers don't think about security concerns.
Cookies are typicaly stored in the user profile which is in C:Documents and Settings%username% in a folder named <i>Cookies</i>. It's a good idea to look through there to see if there is anything readable. If you find something personally identifiable, like a social security number, bank account, or password it's best to note the name of the site in the cookie and not only delete the cookie, but forget about the site.
If you can't forget about the site, I'd contact the site administrator to let them know-- but honestly, I've had mixed results doing this because, like I said before, not all developers think about security.
A lot has been done to make it easy to encrypt this data since "the early days", so having clear text in a cookie isn't a huge concern, but it's always a good idea to be vigilent with your personal data.
To see all answers submitted to the Answer Wiki: View Answer History.
Mrdenny is correct. usually only the domain that created the cookie can read the information that has been encrypted in the cookie. this is by design for security reasons.
I used the following command to create a TXT file will all the cookie information in it and I couldn’t find any clear text information that caused me concern.
copy “C:\Documents and Settings\%username%\Cookies\*.*” c:\cookie.txt