• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

How cookies can use old passwords?

E

elkinm

Platinum Member
I noticed that once I lost access to my anandtech password so I reset and logged in with the new password I received. But I noticed that any system that could log on to the site automatically could still do so even though it had the old password. But if I logged off, I would need the new password to log back on.

Anybody know how can a cookie do this. Does it have a special password like to site or something that still allows access?

Also is there any way to transfer such a cookie from one system to another. I access a different site in such a manner and lost my password and cannot reset it. I lost my cookies on one system that I use to access the site so I cannot access it anymore.
I do have some systems that still have the cookies intact so I would like to transfer the cookies from one system to the other.
Also some systems have the same user name while others have different user names. Can I transfer cookies and change the user name of the cookie at the same time.

Thanks
 
The content of the cookies are entirely up the developer that makes each specific webapp so transferring/changing them may or may not work. How to transfer them depends on your browser. I believe IE stores each one in a seperate text file so that would be pretty easy. I don't know about firefox or others.

As for passwords, you'd better hope that your passwords aren't stored in cookies, that would be pretty dumb. From the look of the anandtech cookies they have a 128bit hash as a value which they store in their database and use to identify you and automatically log you in when you go to the forums. Somehow that doesn't seem practical but it's probably not easy to spoof either. Or maybe it's a reversible hash and they can calculate who you are from the hash without any stored data... Anyways it doesn't matter. I think you probably could move the cookies from this forum around and use them to login.
 
Originally posted by: elkinm
I noticed that once I lost access to my anandtech password so I reset and logged in with the new password I received. But I noticed that any system that could log on to the site automatically could still do so even though it had the old password. But if I logged off, I would need the new password to log back on.

Anybody know how can a cookie do this. Does it have a special password like to site or something that still allows access?

Also is there any way to transfer such a cookie from one system to another. I access a different site in such a manner and lost my password and cannot reset it. I lost my cookies on one system that I use to access the site so I cannot access it anymore.
I do have some systems that still have the cookies intact so I would like to transfer the cookies from one system to the other.
Also some systems have the same user name while others have different user names. Can I transfer cookies and change the user name of the cookie at the same time.

Thanks
Click to expand...
You can export cookies to a file and import them on another system. from IE go to "File | Import & Export" and it's simple from there. I always export/import bookmarks & cookies when I transfer someone from one system to another.
 
And there you have it from someone who knows what they are talking about 🙂

I also just noticed that you can tell firefox to grab cookies from IE from File -> Import but that'll only work on the same machine.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top