Home > Gimpy internet nonsense > Why do browser cookies expire?

Why do browser cookies expire?

So, if I log into Gmail, Twitter, eBay, or my own blog on a computer, and opt to have my user information saved, then obviously I’ll want to log in using that information whenever I use those sites, for as long as I use the site and the computer is my computer.

If it stops being my computer at any point, even if I don’t reformat the hard disk, I’ll obviously delete all browser personal information.

So why on earth do Twitter and Gmail set their cookies to expire after a fortnight, and eBay in 24 hours? What possible use could there be in not just setting them to last forever?

It’s not a huge thing, obviously, as my browser still stores the passwords – but even causing me very, very mild annoyance seems bizarre when there is no benefit at all to me or the supplier from the mild annoyance caused…

  1. Neil
    June 11, 2010 at 7:13 pm | #1

    Because Security Experts have a habit of putting the frightners up punters by shouting things like 'teh Google tracks your identity until 2029!!!.

    They're the same Security Experts who'll take good money to run adaware on your computer and tell you they've found 900 viruses, hoping you don't notice you're looking at the cookies tab.

  2. June 11, 2010 at 7:18 pm | #2

    Get this: https://addons.mozilla.org/en-US/firefox/addon/57

    Edit your cookies' expiry time to 2030-01-01 00:00:00 (or some other very large value in the future).

    I think Google do it because, with such a large number of different user types accessing their site, every 2 weeks strikes some sort of balance between ease of use and security (if you sell your computer and forget to clear the browser cache, accidentally log in and 'remember me' on a public computer, etc, etc there is a limit to the damage).

  3. June 12, 2010 at 2:07 am | #3

    I've had to decide things like cookie expiry times for web applications. The thing is, you have to consider lots of what-ifs and possible consequences. What if someone does log in at a public computer and clicks "remember me"? Own stupid fault, perhaps, but that won't appease the Mail on a slow news day.

    If the user has to re-log in occasionally at their own computer, that's less bad than some of the alternatives, and most browsers will have been told to remember the password anyway, so it's just one click.

  4. June 12, 2010 at 2:09 am | #4

    Yes, I'm pretty sure that San and Peter have it – it's still very slightly annoying for those of us who aren't complete tools, though. A 3-way radio "keep me logged in not at all / today/ forever" would be my call…

  5. June 13, 2010 at 6:09 am | #5

    I'm pretty sure it's so they can go "ah-HAH, not OUR fault" when people do stupid things.

  6. James Butler
    June 16, 2014 at 1:58 am | #6

    Dear Sir or madam

    I am furious at eighty years of age I spend time composing e-mails to see that when I send them they are wiped out fully no trace left and not sent no trace of the e-mail I write left and I loose my research as I cannot think it up again the google reply says cookies expired I I send an attachment I cannot inspect it and there is no trace of it left after sending it if it goes my computer is windown 7
    Can you advise me on butlerfamily@iolfree.ie
    yours sincerely
    Jamnes Butler
    6 RenmoreCrescent
    Renmore
    Galway Phone 091 756212 sorry I am not more famliar with the advanced technology

  1. No trackbacks yet.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>