Skip to main content
ayo's profile

ayo

New Contributor II

 • 

6 Messages

Closed

When I sign out and press the back button, I'm still logged on. Isn't this a huge security risk and violation of the CCPA?

Will you program this website correctly, please? It's a shame that these errors are not tested before implementation, risking a data breach and loss of PII.

Discussions

 • 

Updated 

879

2

0

0

CurtB

Honored Contributor

 • 

2.1K Messages

You have to close all browser tabs to completely sign out from Cox.  If any other browser tab is open, you can close Webmail and re-open it without re-entering your User ID and password.  It doesn't matter if you clicked "Sign out".  You can also access My Profile and Voice Tools without re-authenticating if all browser tabs weren't closed after leaving Webmail.  The same scenario applies if My Profile or Voice Tools is opened first.  Cox may have meant to do that, but they should highlight that sign out requires all browser tabs to be closed, not just Cox websites.

0

0

Darkatt

Honored Contributor

 • 

2K Messages

The reason for this is the Cookies on your computer, not the Cox system. If you want to see this, log out, then clear cache and cookies, THEN try the back button. 

5

0

CurtB

Honored Contributor

 • 

2.1K Messages

Of course it's cookies.  But it's Cox cookies.  Are you seriously suggesting users clear their cache and cookies every time they close Webmail?

Like

Reply

0

Darkatt

Honored Contributor

 • 

2K Messages

The Cox Cookies are located on the Person's computer! Where else are they gonna get cleared from, Mine? Yours?

Like

Reply

0

CurtB

Honored Contributor

 • 

2.1K Messages

I know where cookies are located, but that wasn't the question. What I asked you was if you were suggesting users clear those cookies every time they close webmail.

Like

Reply

0

Darkatt

Honored Contributor

 • 

2K Messages

No, I suggested they clear the cache and cookies then try to go back and see that the page won't open. 

Like

Reply

0

CurtB

Honored Contributor

 • 

2.1K Messages

If it's a one-time test, then yes, clearing Cox cookies will force re-authentication.  But, that's not a feasible solution to OP's security issue.  If an individual signs into a Cox system on a public device, or any device where privacy is a concern, they should always close all browser tabs after leaving the Cox site because sign in credentials are stored in session cookies until the browser session is closed.

Like

Reply

0

Related Content

  • Closed

    1

    0

  • Closed

    3

    0

  • Closed

    3

    0

  • Closed

    2

    0

  • Closed

    8

    0

Recent Discussions

View More

Loading...