Why Should You Report Security Incidents? And How Do You Report One?
Photo and Video Privacy Issues
The Password is Dead, Long Live the Password!
Data Privacy Month: NSA Surveillance Panel at the National Constitution Center
Protecting Your Finances During This Year’s Holiday Shopping Season
Beware of Phishing E-mails in the Wake of Typhoon Haiyan
No E-mail from Penn Will Ask For Your Username/Password or SSN
The Children's Online Privacy Protection Act: Does It Apply to Your Website?
October: National Cyber Security Awareness Month; Free Secure Disposal of Paper and Electronics
What Basic Rules Protect Student Information at Penn? (September 2013)
Protecting Privacy and Security on Penn + Box
Security Starts With You
New Regulatory Changes: Do They Apply to Your Area?
Protecting Yourself from Rogue AntiVirus Warning Scams
Security and Privacy Tips for World Travelers
Tagged with www , passwords
Tuesday, December 18, 2007 - Almanac Vol. 54, No. 16
Asking Your Web Browser to “Remember” You: A Dangerous Idea
This time of year, you may be doing more online shopping than ever. And, when visiting many major web sites, you may be prompted to save your username and password to make future visits more convenient. Do not check the “remember me” box or similar function—especially at public or shared computers—because if you do, you create an unnecessary privacy and security risk.
Remember that websites prompting you to save your password often hold other information such as your address, e-mail, phone number, and maybe even credit card or other financial data. If you save your password in your browser, anyone who accesses your computer can use the stored password to obtain your private information and use it to commit fraud or theft. Also, stored passwords can be stolen by viruses and worms.
Needless to say, you should also never save your PennKey password, or passwords for other University systems, in your browser, since this would put Penn data at risk for unauthorized access and use.
Here is how you can remove stored passwords from your web browser:
- Mozilla/Netscape 7.x: First, click on the “Tools” menu, choose “Password Manager,” then choose “Manage Stored Passwords.” You should see a list of sites for which you have chosen to store a password. You can look through the sites one by one until you find the site/password you wish to remove or you can simply click “Remove All.”
- Internet Explorer (Win): Go to Tools, Internet Options, Content, Personal Information, AutoComplete. Make sure AutoComplete is not enabled for “Forms” or “User names and passwords on forms.”
- Internet Explorer (OS X): From the Explorer Menu, select Preferences, Network, Site Passwords, and manage your passwords from there.
- Firefox: From the Tools menu, choose Options. Click Privacy on the left. Make sure “Remember Passwords” is unchecked under Saved Passwords. Click Clear to delete all saved passwords. Alternatively, click View Saved Passwords to remove.
- Safari: From the Safari menu, choose Preferences. Click the Autofill tab. Click the Edit button next to Usernames and Passwords, and manage your passwords from there.
If you have questions regarding the above contact email@example.com.