![]() ![]() "Can I store a cookie with my login details on my computer" a new page or resource has been requested) it will be kept open and re-used for subsequent requests to the website. As long as a new connection to the site has been made within the last 10 minutes (e.g. The second thing it does is that it will keep those isolated circuits open for the duration that they're used, to stop it using new circuits (and thus potentially a new exit) for connections to that website. So if you have a tab for and they will both use different circuits. Tor Browser uses two things, first of all it isolates connections (meaning they will each use a different circuit from each other) by the "First Party Domain" of the tab. logged in sessions being associated to IP. This was actually changed to help out with some of the concerns that you had about it, e.g. Only under default circumstances, if you are using Tor Browser this isn't the case."I understand Tor reroutes my traffic every 10 minutes." This will not help if the site has poor security. ![]() The updated password is as likely to be read as the original one. If the provider isn't using a secure login mechanism, it's unlikely they will be using a secure password update mechanism."If I change my password immediately after logging in, will that prevent hackers from getting in" This interactive infographic from the EFF might help clarify the situation. With or without Tor you should be using end-to-end cryptography like HTTPS to protect your login credentials. These devices, and their administrators, are not infallible and hackers do compromise them. Your login credentials pass through multiple companies networks and devices even when you don't use Tor. For example, that the sites should use HTTPS, if HTTPS is properly deployed a passive eavesdropper (like a naughty exit node) wouldn't be able to recover your login credentials. This is more generally true of the internet, the proper solution is the application of end-to-end cryptography."As I understand it, when logging in to a website, my username and password can be stolen when I send them through Tor." Or would it be better to leave the Tor browser running throughout the day, so that I only have to log in once? Would that not compromise my anonymity, in other words, the longer I stay on the site, the more likely the NSA or someone else will connect the start node and the end node? Will this also re-transfer my details, making it more likely to get routed through a malicious node the longer I stay on the site? Can I prevent re-routing, so that only 1 exit node can potentially see my details, instead of 100+? Besides, some websites automatically log out if the IP address changes, which is just annoying.Ĭan I store a cookie with my login details on my computer, so that I don't have to log in every time I start the browser? I understand that this will somewhat reduce my privacy. I understand Tor reroutes my traffic every 10 minutes. If I change my password immediately after logging in, will that prevent hackers from getting in, or will Tor continue to transmit these details while I use the website? What is the likelihood of this, and steps can I take to minimize such risk? ![]() I'm generally not doing anything too interesting over Tor and don't expect to be especially targeted by hackers or law enforcement.Īs I understand it, when logging in to a website, my username and password can be stolen when I send them through Tor. Before you say anything, I won't use sites like Facebook that know my real life identity, or sites that are very important (like online banking). I'm a Tor newbie that wants to use Tor to log in to a few communities online, and I have a few questions about the safety of it. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |