I arranged for my investment company to recognize my computer (Windows 7,
SP1) only. Since implementing this, I’ve been blocked from accessing my
investment company online. I’ve talked with their tech people and was told that
my anti-virus program is deleting cookies needed for my investment company to
recognize my computer. I have Microsoft Security Essentials. Is this the
problem or is it something else?
In this excerpt from
Answercast #94 I look at the way banks and investment companies allow you
to “remember” a safe computer easily to sign in with.
Deleting cookies and online accounts
Well, it is likely the problem, though, I’m not aware of Microsoft Security Essentials cleaning cookies.
What the financial institution does when it asks you, “Should I remember this computer? Is this a computer that is not in a public place? Is it one that you feel is always going to be safe to access your online account?” all they really do is leave a cookie on your machine. That cookie is probably some encoded data, so that it’s very difficult to falsify, but it stays on your machine.
The presence of that cookie on your machine is what allows the site to know the next time you visit it that, “Oh. Yep. This is a computer that was previously authorized to access this online account.” If that cookie disappears for any reason, you have to start over.
If your cookie is deleted
In my case, when I go to my online investment account that means, in addition to supplying my username and password, they’ll usually ask me one or two of my security questions before I’m allowed to access my account.
As part of that process, I can once again tell it that, “Yep, this computer is safe. You can remember it. It’s authorized to access what I need to access.” Only then does it put the cookie back.
If the cookie disappears for any reason, this is exactly what will happen.
Running a tool like CCleaner, for example, may clean cookies.
Running an additional anti-spyware tool may clean cookies.
Running registry cleaners and PC tune-up utilities, and gosh only knows what else, often as a side effect will try to clean up cookies.
The net result is, after running these tools, this kind of stuff happens. Ultimately I can’t point the finger specifically at Microsoft Security Essentials because I’m, quite honestly, kind of surprised that it’s deleting cookies. It certainly doesn’t for me. Maybe some of the options are set differently. But in general, it is definitely cookie related and I agree with your investment tech people that – yep, there’s something going on here that’s making those cookies go away.
(Transcript lightly edited for readability.)