Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Session key

  • 1 jibu
  • 0 wana tatizo hili
  • 1 view
  • Last reply by cor-el

kwgm
kwgm
more options

1. Does Firefox automatically save a NEW session key with each new session? I have Firefox remembering my site passwords. I'm concerned about the prevention of session hijacking.

Thank you.

1. Does Firefox automatically save a NEW session key with each new session? I have Firefox remembering my site passwords. I'm concerned about the prevention of session hijacking. Thank you.

All Replies (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

A session ID is usually stored in a cookie, so if this cookie doesn't expire and you keep this cookie then you can continue this session.

These steps make a website recognize and remember you:

  • create a cookie allow exception with the proper protocol (https:// or http://) to make a website remember you

You can check that you aren't clearing important cookies.

  • using "Delete cookies and site data when Firefox is closed" to clear cookies keeps cookies with an allow exception
    in 102+ version toggling this setting makes changes to the "Clear history when Firefox closes" settings and those settings prevail
  • using "Clear history when Firefox closes" in Firefox 102+ honors exceptions and keeps cookies with an allow exception, previous versions removed all cookies

Exceptions rely on keeping the "Site settings".

  • clearing "Site settings" clears exceptions for cookies, images, pop-up windows, and software installation and exceptions for passwords and other website specific data
  • Settings -> Privacy & Security
    Cookies and Site Data: "Manage Exceptions"
  • Settings -> Privacy & Security
    Firefox will: "Use custom settings for history":
    [X] "Clear history when Firefox closes" -> Settings