Comments on websites
How Does WOT Stay Logged in on This Site (Without Knowing My Password)?
dom 30 dic 2007 09:36:03 UTC da X1alphaHi everyone,
now that I've created an account on this website WOT offers to automatically log in. All nice and good since I can use the features for logged-in users right away. But seeing that I didn't give WOT my password for mywot.com, how does it log in? The two possibilities I came up with is that one, mywot.com looks for and identifier on my machine. If it's present and linked to an account it uses this identifier to log me in. At least when I use this machine. Mywot.com doesn't necessarily need a password. And two, WOT stored my password locally when I created my account on this website. If I remember correctly I didn't give it permission to do that.
How does WOT stay logged in on this site?
Greetings,
Sven
- Login o registrati per inviare commenti
Edit: WOT Uses Cookies - But is That All?
dom 30 dic 2007 09:51:51 UTC da X1alphaI didn't remember the logging-in information being part of the terms of service that WOT asked me to accept upon installation. So I checked the website and read about cookies in the FAQ. Alright then, it sets a cookie to automatically log me in.
When I manually delete private data (that includes cookies) e.g. with the shortcut Ctrl+Shift+Del the cookie is back when Firefox starts the next time. And seeing that I let Firefox delete cookies at the end of each session automatically - how does the cookie reappear? How does it know my login information?
Sven
Authentication
dom 30 dic 2007 11:37:00 UTC da SamiWhen you install the add-on, it sets up a shared secret with our servers, which is then used for encrypting and authenticating your requests to prevent eavesdropping and impersonation. The add-on doesn't know your password or even your user name, but uses the same shared secret for generating the authentication cookies it sends to mywot.com. The website then authenticates the add-on and looks up your account.
These cookies are set to expire after the current session, so Firefox always deletes them when you close your browser, and the add-on recreates them upon restart. If you disable the auto-login feature from WOT settings, the add-on stops creating the cookies and after you restart the browser, you won't be automatically logged in anymore when you visit our website.
Re: Authentication
mer 02 gen 2008 09:07:36 UTC da X1alphaThanks for the explanation, Sami! That clarified the issue.