I'm not sure if this is in the right forum but software might be involved so... Does anyone have a cookie deletion / protection system that seems to work? I was reading that scammers can somehow use them to get passwords? Running Kaspersky Security Cloud and Malwarebytes premium. What I really want to know is, assuming I delete all cookies and clear the cache weekly, is there a way via a browser extension, browser settings, or software to help ensure that scammers can’t glean my passwords via cookies or otherwise steal them in the meantime? What I don't understand is how deleting them weekly will help assuming the threat is in real-time. Is this only / most ironclad way to delete them every after browser session? This seems like it would be problematic in that I would have to re-register my device for every account I want to log into on a daily basis but I want to do what is necessary to be safe. Trying to strike the right balance here and stay protected without having to delete cookies after every session (if possible). Thanks for any insight!
Thats rubbish - cookies do not contain passwords, only the hash which is calculated on server and send back, you need to hack the server and its salting routine. forget it. And for sure, Kaspersky and MBAM can not protect you from the real attacks on your browser. Depending on your used browser - CAD (Cookie AutoDelete) is available for all browsers, for Firefox i currently prefer "CookieBro" which has some extended settings to keep (protection is not possible) cookies, and it has a cookie editor which CAD dont have. And for me the dropdown is much more convenient as CAD, but CAD has advantage of its size on touchpads. I have tried some other cookie extension, those are the best and the easiest two. To grab cookies from another domain, this is XSS (cross site) and a current browser has not really xss vulnerabilities. best way to avoid is a decent ad-blocker which blocks malware domains and some more of those crap. No AV software is able to do this!
You might want to check out HMPA, it has a new feature called CookieGuard. Another possible solution is Secure Folders, I believe cookies are stored the browser profile folder so you need to lock it, of course trusted apps will still have access to it. But HMPA is probably a better solution. https://www.hitmanpro.com/en-us/alert https://www.softpedia.com/get/Security/Security-Related/Secure-Folders.shtml
