Website Access Risks

Active or continued website access sessions from public computers present huge security issues and most people are unaware of the risks.

When I tried to login to my LinkedIn account today from a public computer, I noticed that another account was already in active session and I could have easily changed any information or setting on that account. I could not tell when the person used the computer to access her LinkedIn account but the longer the signed-in session remained open and active, she exponentially exposed herself to increased unauthorized access and modification risks. Therefore, it is very important to remember to log out of any active account sessions to protect your accounts and privacy.

Also, some web accounts and browsers allow a user to be remembered for future website access. This option is usually provided to bypass the sign in process in future sessions which requires an ID or email address and a password, however, when using public computers, having the computer remember the access credentials is not a good idea at all as next visitors can accidentally come across the active website session and access the account.

Therefore, if you set the computer to remember you which stores your ID and password for future use, you still haven’t completely signed out when you sign out. The next time someone visits the site, the browser will think that you are trying to access the website and display your ID and password, however, to view or change your private information, you’ll need to enter your password in some cases for obvious security reasons. But that would not prevent someone to view your information in many cases. Therefore, never accept or click a checkbox to allow the computer to remember you. This is one of those cases when you really want to be forgotten. Besides the unauthorized viewing of your account, your email address can also be stolen if it happens to be your ID and used for hacking attempts in other accounts.

With social networking sites, we share a lot of personal information with millions of people, and although we have some control over what and with whom we share our information, there are still a lot of website access security issues that we need to be concerned about such as the privacy of our information and unauthorized modification of our information and account settings.

For example, most apps on cell phones remain active to be accessed without having to login again. This is also a huge risk if the cell phone does not have a lock code because the next time the phone is lost or stolen, all of its content can be accessed by intruders without any effort.

When using public computers for website access, always make sure that the public computer used for accessing websites does not remember you for your next access. It's better to enter your password each time you access the website than to leave it open for others to accidentally access your accounts, and completely sign out of the account for maximum security and privacy.

Become Certified Identity Protection Advisor (CIPA) to learn more about website access risks.