Managing cookies and private data with Firefox

A couple of days ago in a post about Google Analytics and concerns about online privacy, I promised to post back after learning a little more about tracking cookies and how to manage them with your browser. Below is what I found out; it's not comprehensive at all, but if you want to know more, Wikipedia has a good article on cookies.

I use Firefox for almost all of my day-to-day Web browsing, and it provides some useful options for managing cookies. From the top menus in Firefox, click on Tools > Options, and then choose the Privacy tab. In the middle of the page, there's a "Show Cookies" button. If you click that, it shows you all of the cookies you currently have stored in Firefox on that computer. That was a bit of an eye-opener for me. I do like the convenience of having some sites "remember" me, but there were a lot of sites listed there who I don't think have any business saving little pieces of data about me.

The first thing I did was to just clear all my cookies, and then go back to working and using the browser as I normally do. I checked back in just a couple of hours and was amazed at how many cookies had already collected. Some were for sites like the weather site I like to use, and it's nice not to have to enter my location every time I check the weather, so I'll keep those. But there were many from random sites that I don't even remember visiting - probably news sites or places I'd been looking for information or shopping - and I see no need to keep them.

Some sites require that you accept cookies to work at all; many Google applications do, for instance. I'm willing to accept that for now.

A colleague on the Adobe Dreamweaver forums clued me in that "session cookies" are generally pretty useful and not anything to be feared. These are cookies which are only needed for that "session", that one visit to that one web site. It appears that most of the sites that I use which do require cookies, require only session cookies, and it's no problem to delete those often.

So, my first effort/experiment was to choose the option "Accept cookies from sites > Keep until I close Firefox". This allows me to accept those session cookies, to make it possible to use sites like Google applications, Rosetta Stone, and many news and shopping sites. But every time I close Firefox, all cookies are wiped out.

This means that, when I re-open the browser, I have to log in to some sites with my user name and password again. This can be kind of a pain, especially on sites where there's nothing particularly private, and I'd just as soon not have to. (On my financial sites, I always choose the option that doesn't save my login information; that's a risk not worth taking to save a few seconds of my time.)

But I realized that, using the password-saving feature of most browsers, it's easy to log into most of those non-critical sites. The only danger I see from this would be the possibility of someone using my laptop without my permission and logging into my sites. Since none of these sites have any really sensitive information about me, and since I don't anticipate anyone doing that anyway, that's not a big concern for me. The password-saving options in Firefox are not under the Privacy tab, but rather under the Security tab. And I found something fascinating there: you can view a list of all the sites and passwords Firefox has already saved, and manage them. I couldn't believe how many I had!

So those are my current settings in Firefox:

• Accept all cookies, but to delete them whenever I close Firefox
• In the other Privacy settings, I allow the browser to save "form information" and other private information, because none of these are all that private, for me. You might have different needs, so check out those options; you can delete any or all of that when you want, or every time Firefox closes
  
• Save password information, except for certain sites, which I have listed in under Exceptions. I believe they got on this list because, when the site asked me, I chose "Never save password information for this site".
  

In Firefox, I don't see any option to distinguish between session cookies and other cookies. I'm not dealing with Internet Explorer here, but IE7 does have that option, so in that browser I chose to save only session cookies. IE7 also allows me to choose to never save "third-party cookies". According to the explanation at the Wikipedia article linked above, I don't want any 3rd-party cookies ever, so I chose that option.

That's about all for now. I've been pretty verbose here, but all of this only took me a few minutes to check out and experiment with.