Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    US charges Samourai cryptomixer founders for laundering $100 million

Featured Deal: A one-year Sam's Club membership is only $14 now

Latest Buyer's Guide:    How to setup a VPN on your router: Detailed walkthrough

Generic User Avatar

logging into an account without entering a username and password

Started by Burgos925 , Apr 19 2024 12:31 PM

  • Please log in to reply
5 replies to this topic

#1 Burgos925

Burgos925

  • Avatar image
  • Members
  • 241 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:01:48 AM

Posted 19 April 2024 - 12:31 PM

I'm a computer neophyte and would like to know just how people are able "to log into your account without entering a username and password" (mentioned at the following page of Social Web Q and A).

 

 

<<Why You Should Close Your Browser After Logging Out of a Service (socialwebqanda.com)


BC AdBot (Login to Remove)

 

#2 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 34,434 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:05:48 AM

Posted 19 April 2024 - 01:19 PM

Google session and cookie hijacking.

Also you should reboot your computer or shut it down when not in use. Hackers and malware can use current processes to gain additional presence on the machine.

Edited by cryptodan, 19 April 2024 - 01:20 PM.

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra

#3 Burgos925

Burgos925
  • Topic Starter

  • Avatar image
  • Members
  • 241 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:01:48 AM

Posted 19 April 2024 - 02:56 PM

Google session and cookie hijacking.
 

As a neophyte, it does seem mysterious.  I just hope the hijacking is not targeted at Windows-based computers in general.  (I've got a Dell 8347.)

 

Thanks.

 

<<or shut it down when not in use.>>

 

I put my computer into sleep mode every night.


Edited by Burgos925, 19 April 2024 - 02:58 PM.

#4 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 34,434 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:05:48 AM

Posted 19 April 2024 - 03:01 PM

Any computer can be targeted that stores session information in a cookie.

It's best to shut it down not sleep.

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra

#5 Dill2046

Dill2046

  • Avatar image
  • Members
  • 34 posts
  • OFFLINE
    •  
  • Gender:Not Telling
  • Local time:12:48 PM

Posted 19 April 2024 - 10:02 PM


I just hope the hijacking is not targeted at Windows-based computers in general.  (I've got a Dell 8347.)

 

 

You can focus on not getting a malware on your system to not have these problems.  This typically means physically securing your computer / having an exclusive access, and fixing behaviors that end up with a malware on the system (pirated software, other lures to download non-reputable software like game cheats, etc., clicking on links, downloading email attachments, unnecessary software, etc.)

 

Once some malware is already on your system, virtually nothing but getting rid of it completely will help you.  So, it's best to not get it at the first place.


Edited by Dill2046, 19 April 2024 - 10:04 PM.

#6 Dominique1

Dominique1

  • Avatar image
  • Members
  • 916 posts
  • ONLINE
    •  
  • Gender:Not Telling
  • Local time:12:48 AM

Posted 22 April 2024 - 02:01 AM

Good question, Burgos925!

I understand that cookies used to stay logged into a website is a vulnerability if a third-party has access to my computer.  However, if closing the browser after accessing your bank account is needed (not just the tab that opened it), then it's a web browser vulnerability that must be addressed.  Moreover, if a logged out web browsing session can be used to log in again by a third-party, the website that lets that happen also has a vulnerability to address.

About these little "apps" that may be leveraged by a third-party, I'm not convinced that it's really useful to perform a reboot as they will end up being launched again at a later time.  It's seems like a false sense of security, and just a question of timing for the third party.  Cutting off the Internet if not in use seems safer, also letting a good anti-malware program running in the computer.


Back to General Security


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users


  1. BleepingComputer Forums
  2. Security
  3. General Security
  4. Privacy Policy
  5. Rules ·