Closed Bug 460617 Opened 16 years ago Closed 16 years ago

Encrypt and Password Protect Cookies, You know for Notebooks : )

Categories

(Firefox :: Security, enhancement)

Product:
Firefox
Component:
Security
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 19184

People

(Reporter: brendieellen, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3

It think it would be swell to be able to password protect and encrypt my cookies, so of anyone got a hold of my laptop, they may not learn which financial institutions I belong to.

I know that there is a global security password, but this would allow a granularity that I don't have to sign in my browser every time I use it--and have a measure of security as far as the cookies are concerned.

Thank You,
BrendaEM

For now, I tend to add red-hearing cookies to banks I don't a even belong to, just so if anyone gets my computer, they might not know which accounts I have.



Reproducible: Always

Steps to Reproduce:
1.
2.
3.
encrypt your hdd or move the profile to an encrypted part of the hdd ?
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
I don't feel that that argument is valid, as the site passwords are password protected, and as so, why are the cookies not so protected?
I don't feel that that argument is valid, as the site passwords are password protected, and as so, why are the cookies not so protected?
because sensitive information shouldn't be stored in normal cookies ?
Sensitive information should be stored in a session cookie which are deleted after you close the session.
(In reply to comment #4)
> because sensitive information shouldn't be stored in normal cookies ?
> Sensitive information should be stored in a session cookie which are deleted
> after you close the session.

But this is not the case in the real world.  Many websites have a "remember me" option that makes the cookie almost as good as the password.

Why should storing cookies encrypted be any more/less difficult than storing the passwords encrypted?
Just to make sure that we are discussing the same thing.

Got to Tools/Options/Privacy/Show Cookies...

If it showed chase.com and mastercard.com, you would know where to begin robbing the user, don't you. And if you somehow know a password, you know where to use it.

The names of the sites should be encrypted for the morning has their laptop stolen before they can delete the cookies. A dialogue just the same as the Saved passwords... could be used to password protect the names of the cookies.

Than you for your consideration,
BrendaEM
You need to log in before you can comment on or make changes to this bug.