Password Stored in a Cookie

by on October 1, 2007

Q: I am wondering if there is to recover a password from my cookies?

A: Cookies, just to make sure everyone knows, are text files stored on your local computer that a web site asks your browser to write. The information stored in the cookie is usually pretty basic like your first name or your e-mail address. The website would usually store this information when you login and you check off the “please remember my login name” option. This makes it easier for you to log back onto the site when you return next time.

The website might also store complex information though like a unique id to associate you with some data they have in their database. This would allow them to automatically log you in without needing a password. Since many sites do things like this it makes sense that users would think their password might be stored in a cookie but it is very unlikely.

To see what data is in each cookie you can, using FireFox you can go to Preferences by clicking on the FireFox menu on OS X or File on Windows and then select the Privacy tab and then click on the Show Cookies button. This will then allow you to look at each cookie on your system organized by the domain name of the website. You can see exactly what is in each cookie to figure out what kind of information the site keeps.

If you use IE the default location for your cookies will be C:\Documents and Settings\[your username]\Cookies but to see them you will have to go to C:\Documents and Settings\[your username]\ then click on Tools -> Folder Options and then select the View tab and then select the radio button that says Show hidden files and folders so that you can see the Cookies folder because Windows will hide it on you. From here you can double click on the files and they should open in notepad but they wont be the easiest things in the world to read. So enjoy your cookie data.