Making life more difficult for thieves.
It dawned on me that I left out something worth exploring from my recent article on preparing technology for travel.
Specifically, one step you can take to protect yourself a little more should you lose your laptop while you’re on the road.
Become a Patron of Ask Leo! and go ad-free!
Why you should clear cookies when travelling
Cookies are used to avoid signing in over and over to the online sites you visit. Unfortunately, if your computer is stolen, the thief may be able to access your accounts as well. Clearing cookies — either using a third-party tool or browser options — can prevent this from happening.
Cookies are small packets of data websites leave on your computer when you visit them. Those packets of data are sent back to that site the next time you visit.
While they get a lot of publicity related to advertising and tracking, they have a much more useful purpose that you really do want: staying signed in.
And therein lies a security risk.
Thieves love it when websites remember you. It’s a simple scenario: a thief gets your machine, they’re somehow able to sign in to Windows,2 and now all of a sudden they have access to everything for which you’ve said “Remember me”.
The solution? Clear your cookies if you’re taking your machine into what we might consider a risky environment — like when you travel.
Clearing cookies: technique 1
My preference is to use a tool that clears all the cookies in all the browsers I have installed at once. I do this the morning I depart on my trip.
I’ll use CCleaner.
CCleaner cleans a lot more than cookies, but the reason I prefer it is that it notices all the browsers you have installed and clears the cookies for all of them at once.
As always, when installing third-party tools, follow the installation carefully and turn down any and all offers for software you don’t need. The free version of CCleaner is all you need. (You can also turn off the option for “Smart Cleaning” and “Keep CCleaner updated automatically”, both of which leave a small program running at all times when enabled.)
Clearing cookies: technique 2
If you only use one or two browsers, it may be easier just to have the browser clear cookies itself.
In your browser, type CTRL+SHIFT+DEL to bring up browser-clearing settings.
Different browsers display this option differently, but the concept is the same: instruct your browser to clear all cookies. (For “All time”, if that’s an option.)
Clearing cookies: technique 3
Your browser begins accumulating new cookies as soon as you start signing into your sites and services again, so you need to tell it not to while you’re traveling.
This setting may be called different things in different browser, so you’ll need to search your specific settings for it.
With this option on, cookies are cleared automatically when you close your browser.
This is perhaps the most secure setting of all. As long as you always close your browser, you’ll know that cookies have been cleared.
It’s also the most annoying.
Clearing cookies: technique 4
I have to include this for completeness, but it’s not a technique I recommend at all.
Always sign out of every site and service you use.
This prevents the service from being automatically signed in the next time you visit. It’s functionally equivalent to having deleted that service’s cookies.
I don’t recommend it for one important reason: it relies on the most error-prone part of the system.
It relies on you remembering to sign out all the time. That’s not realistic.
The annoyance of clearing cookies
Additional security comes at a cost. The cost here is simple: after clearing cookies, you need to sign in to every service the next time you visit.
That’s the point. A thief would be unable to do so, and thus would not have access to your accounts.
But you have to sign in. Again. And again. And again.
It’s not a popular security technique because of the annoyance factor, but I strongly advise you to consider some form of cookie cleaning before you travel.
My compromise is usually to clear all cookies using CCleaner before I leave. Then I’ll pay attention to which sites I need to sign in to, and decide on a case-by-case basis whether or not to take further action.
Something else to consider: for more tips and advice like this, subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Footnotes & References
1: Technically, that cookie already exists, because it’s what prevents you from having to sign in over and over again as you move from page to page. “Remember me” really just means “remember me for a longer period of time”.
2: Yes, there should be additional obstacles to prevent a thief from getting this far. And yet, it’s also very common that there aren’t, or that some are somehow bypassed. “Sleep” mode is just one example.