Is It Safe to Select the "Remember Me on This Computer" Checkbox with Online Accounts?
Websites that require registration often have a checkbox the user can tick so that they will not have to re-enter their username and password on subsequent visits. The text might state “remember me on this computer,” or words to that effect. Whether or not it is safe to click this box depends on the type of site being read, what type of information being shared, and if the computer is ever accessed by people other than the one who is being remembered.
Providing the Web browser is configured to allow cookies, when a user elects to be remembered, the website creates a cookie with the user’s registration information. A computer cookie is a small text file that resides on the user’s machine with a copy filed on website’s server. The next time the user visits the site, the browser automatically hands over the cookie upon arrival. The website allows automatic entrance because the Web browser has essentially handed it the user's credentials.
In many cases this is fine. For example, if the website is a TV chat forum, syndicated newspaper, or clipart website, there is likely no harm in it as long as the computer isn't one that's public. If the website holds personal information about the user, choosing to “remember me on this computer” is probably a bad idea. People should also never click this box if they are using a public computer, like in a library or Internet cafe.
Online banking, Web email accounts and online retailers are all examples of websites where computer users probably do not want automatic admittance. If anyone uses the computer and visits the site (probably easily found in your bookmarks), he or she will be automatically logged into the owner's account. This will give the person instant access to private information, possibly including bank and other financial records.
Assuming everyone in the household is trustworthy, there is still reason to avoid ticking the box. If the computer needs to be dropped off for repair, if it’s stolen, or if visitors ask to use it, they all have access to the accounts. This is especially true of terminals at work. Automatic logon to sensitive sites can put the user at unnecessary risk.
For maximum protection, it is best to reserve “remember me on this computer” for sites that do not hold personal information. People who have trouble remembering logon information may want to consider downloading a program designed to hold usernames and passwords in encrypted form. There are some free and open-source programs available. Open-source programs make their source code publicly available online so that it can be widely checked for bugs and security flaws.
I do not like the "Remember me on this computer" or any version of it. I have been wrestling with this for a while. Each time I go to a website that I have business at, the check mark is already in the box. I uncheck it, do my business and completely log out. When I come back again, the check mark is there again. I view this as a manual option that I have the right to choose. Not an automatic "check in the box". As far as I am concerned it is a very serious security violation. One that only benefits the company that overrides our safety of information. Since unchecking it means it does not stay "unchecked", how do I permanently disable this from happening?
Typing in your username and password isn't safe either unless the website uses a secured connection (https instead of http). You should check for that, as well.
On a normal connection, they are sent over the Internet and anyone can intercept them. They don't have to be super smart hackers - anyone could do it, just by downloading some free tools and using them to spoof their friends (and not only).
in fact. this option of remembering the user ID and password should be removed for good.
I say, don't check it, ever. Saving the 4 seconds a day it takes to enter in your user name when you log in isn't worth the danger of compromising confidential information!
Post your comments