Security settings
This just started happening last week: every time I sign into my bank, I'm required to be texted a security code to continue with my banking. It only happens on FireFox, not in Chrome, so it's a browser issue, not the bank. It's so annoying! Any help would be appreciated.
All Replies (2)
Hi Karen, many sites now require multi-factor or two-factor authentication. After you enter the code and it is accepted, the site sets a cookie on your browser so that you don't need to repeat the process in that browser -- every time Firefox requests a page from the site, Firefox will send the site the cookies it has set to prove you are you. But that means if the cookie is cleared, you need to do it again.
Why might cookies go missing on a later visit?
(1) If you are visiting the site in a private window
Cookies are not written to disk in private windows, so whether they are session cookies or have an expiration date after we're all gone, they will evaporate when the last private window is closed in your session.
The two ways a site could open in a private window are:
(a) Creating a private window in a regular session (for example, Ctrl+Shift+p or right-click > Open Link in New Private Window)
(b) Setting Firefox to use automatic private browsing on the Preferences page --
- Windows: "3-bar" menu button (or Tools menu) > Options
- Mac: "3-bar" menu button (or Firefox menu) > Preferences
- Linux: "3-bar" menu button (or Edit menu) > Preferences
- Any system: type or paste about:preferences into the address bar and press Enter/Return to load it
In the left column, click Privacy & Security, then scroll down to the History section. Either of these will invoke automatic private browsing:
- Firefox will: Never remember history
- Firefox will: Use custom settings for history + "Always use private browsing mode"
(2) If Firefox is set to store ONLY session cookies, and you have not made an exception for the site.
You can check for this on the Options/Preferences page, Privacy & Security panel, Cookies section. Make sure you do NOT have a checkmark for "Delete cookies and site data when Firefox is closed". If you do, you need to create "Allow" exceptions for sites where you want Firefox to accept persistent cookies.
(3) If Firefox is set to Clear History When it Closes and that includes Cookies
Most people do not have this setting, but you can double-check here: On the Options/Preferences page, Privacy & Security panel, History section: show all the detailed settings by choosing "Firefox will: Use custom settings for history." Then make sure you do NOT have a checkmark for "Clear history when Firefox closes". If you want to use that feature with some types of data, use the Settings button to the right of it to confirm that Cookies and Offline Website Data are not being cleared. (Also, do not clear Site Preferences if you have made exceptions.)
(4) If you use an add-on that modifies how cookies work
There are extensions to manage cookie lifetimes and removal, including some that expire cookies for inactive tabs. There also are extensions that isolate pages in a container, which creates a separate cookie jar for the pages in that container which are invisible to pages outside that container.
(5) If you logged out of the site
The cookie identifies you to the site, but if your session ended, the site isn't going to start a new one automatically. So if you logged out on the site -- highly recommended for sites that have sensitive data or accounts you can't afford to have taken over -- then the site might pre-fill your user name on the login page, but you will need to sign in again.
Note: This would not affect the 2FA cookie. That should linger long after a specific session has ended.
(6) If external utility or privacy software cleans browser cookies
If you use CCleaner, Advanced SystemCare or other third party programs that touch browser data, set them not to touch Firefox data.
(7) If your IP address is unstable
Some sites link your identification to your IP address and require a new login if that changes. To minimize the potential for changes, you can check your Firefox connection settings on the Preferences page.
In the search box at the top of the page, type proxy and Firefox should filter to the "Settings" button, which you can click.
The default of "Use system proxy settings" piggybacks on your system settings (for example, Windows/IE "LAN" setting). "Auto-detect" can lead to a flaky connection. You may want to try "No proxy".
Does any of that seem relevant to how your Firefox/system works?
Thanks so much for that detailed response. I don't use a private window. FireFox is set to remember all history. Firefox isn't set to Clear History When it Closes. I don't believe these options apply to my issue.
This doesn't happen with any other banking/credit card site. You would think that it's this specific banking site, but as I mentioned before, it doesn't happen with Chrome. If you can think of anything else, I'm definitely open to other suggestions. Otherwise, I guess I'll just use Chrome for this banking site.