I arranged for my investment company to recognize my computer (Windows 7,
SP1) only. Since implementing this, I’ve been blocked from accessing my
investment company online. I’ve talked with their tech people and was told that
my anti-virus program is deleting cookies needed for my investment company to
recognize my computer. I have Microsoft Security Essentials. Is this the
problem or is it something else?
In this excerpt from
Answercast #94 I look at the way banks and investment companies allow you
to “remember” a safe computer easily to sign in with.
Deleting cookies and online accounts
Well, it is likely the problem, though, I’m not aware of Microsoft Security Essentials cleaning cookies.
What the financial institution does when it asks you, “Should I remember this computer? Is this a computer that is not in a public place? Is it one that you feel is always going to be safe to access your online account?” all they really do is leave a cookie on your machine. That cookie is probably some encoded data, so that it’s very difficult to falsify, but it stays on your machine.
The presence of that cookie on your machine is what allows the site to know the next time you visit it that, “Oh. Yep. This is a computer that was previously authorized to access this online account.” If that cookie disappears for any reason, you have to start over.
If your cookie is deleted
In my case, when I go to my online investment account that means, in addition to supplying my username and password, they’ll usually ask me one or two of my security questions before I’m allowed to access my account.
As part of that process, I can once again tell it that, “Yep, this computer is safe. You can remember it. It’s authorized to access what I need to access.” Only then does it put the cookie back.
If the cookie disappears for any reason, this is exactly what will happen.
Running a tool like CCleaner, for example, may clean cookies.
Running an additional anti-spyware tool may clean cookies.
Running registry cleaners and PC tune-up utilities, and gosh only knows what else, often as a side effect will try to clean up cookies.
The net result is, after running these tools, this kind of stuff happens. Ultimately I can’t point the finger specifically at Microsoft Security Essentials because I’m, quite honestly, kind of surprised that it’s deleting cookies. It certainly doesn’t for me. Maybe some of the options are set differently. But in general, it is definitely cookie related and I agree with your investment tech people that – yep, there’s something going on here that’s making those cookies go away.
(Transcript lightly edited for readability.)
Next from Answercast 94- Why did I get infected even though I run anti-malware software?
7 comments on “Why might deleting cookies cause my computer to be unauthorized with online accounts?”
One should go through all the clean-up tools (ie. CCleaner), the anti-malware apps and browser(s) settings and check to see if the ‘delete cookies’ tick-box checked. That might be the problem.
Is there any way, one can make the required cookies ‘not erasable’, similar to some system/program files are protected?
There are browser plug-ins such as Cookie Manager+ for Firefox and possibly for other browsers which allow you to set exceptions for cookies you want to keep.
I am totally confused – this article appears to be totally in favour of retaining ‘tracking cookies’ . I have only used a computer for 6 years and, until now, have always been told to remove cookies by PC magazines and anti-spyware companies mainly for security and privacy reasons. Now we have this Investment Company Member with his experience changing everything. What is going on and what have I misunderstood all this time please?
In Firefox, and so probably other browsers, you can set the browser to delete cookies when the browser closes. You can also set “exceptions” which you don’t want deleted (banking or whatever).
I don’t care if ad-trackers know that I’ve visited a few pages where they have ads. Also, as cookies are not “active” in any way, they aren’t a danger to my PC or network. However, some people, even people who aren’t paranoid, prefer to delete cookies.
To find the settings in Firefox: Open ‘options’, click ‘privacy’ tab, choose in drop menu ‘use custom settings for history’, click on ‘exceptions’. Remember that ‘exceptions’ also includes cookies you want to block, so watch carefully every step. It’s actually much simpler than the explanation seems.
Other major browsers should be similar.
If it all goes wonky, and your browser won’t work, simply uninstall, including saved settings, and reinstall from scratch.
Cookies can accumulate over time. I use Google Chrome browser which allows deleting selected cookies. From the Tool menu, select “Settings”, select “Advanced Settings”, select “Content Settings”, select “All Cookies and Site Data”, and delete whatever cookies you do not want. Some sites where you have to enter account name to enter the site I keep, so I don’t have to enter every time. The rest I get rid of.
If I erase cookies (rare) I use CCleaner.
What I did is I ran CCleaner and erased ALL cookies. I then went and logged into every bank, government, email, etc account that I knew used a cookie to recognize me or remember me. I didn’t go anywhere else on the internet.
I then ran CCleaner again, but this time before actually processing anything, I went into the cookies section and told it not to delete any of these cookies (which had just been stored). It was the easiest way to identify all the cookies that I wanted to keep.
Now whenever I do clean my cookies, the ones I really care about don’t get deleted.