I agree completely.
So, yes, cleaning out cookies, especially if you’re cleaning out all cookies, does exactly what you’ve described. It will force your bank (and you) to go through those extra steps.
Become a Patron of Ask Leo! and go ad-free!
Many banks with reasonable security have two stages of verification. On a computer that is unrecognized, such as one you’ve not used to visit the bank website before, the process may involve asking you one or more of your security questions before it allows you to complete the log-in.
Once the log-in is complete and you’ve identified your account, answered a couple of those questions, and specified your password, you may be asked some form of “Is this a safe computer? Should I remember this computer?”
If you say yes, the website will place a cookie on the machine that says, “This machine has been recognized, and we don’t have to go through all of those extra hoops next time.”
When you next log in, all you typically need to provide is your account identification and your password… until you clean the cookies, that is. Then the site once again no longer recognizes your machine, and makes you jump through those hoops once again.
CCleaner, and most cookie-cleaning utilities, give you the opportunity to identify the cookies and to specify exceptions.
Run CCleaner and have it run an analyze pass. Then, scroll through the list of all of the cookies that it has found on your machine (it will be long).
Look for the cookies that include the domain name of your bank. For example, if your bank is BankofAmerica.com, then maybe what you will find in that list are cookies dropped by BankofAmerica.com. Those are the cookies you want to preserve.
One problem is that many banks actually use a third party service. I might go to my bank’s website via their domain, but when I actually log in and access my accounts, they will have switched to the domain owned by this third party. In my case, for example, it’s netteller.com.
You’ll need to keep an eye out for that.
The next time you access your online banking information, take a look at the different domains that appear in the address bar. It may just be your bank; it may be several domains that are owned by your bank; it may be domains that the bank uses from a third party, as I described. All of those domains need to be listed in CCleaner as exceptions, so the program doesn’t clean the cookies associated with those domains.
It may end up being a bit of trial and error. In other words, you may think you’ve identified a few of the domains associated with your banking and done the exception thing, only to find that you didn’t catch all the domains. But my guess is it will be a pretty quick process to identify the internet domains that need to be listed in CCleaner as exceptions so you can continue to log in without having to jump through all these extra hoops.
If you found this article helpful, I'm sure you'll also love Confident Computing! My weekly email newsletter is full of articles that help you solve problems, stay safe, and give you more confidence with technology. Subscribe now and I'll see you there soon,