Firefox V48.0 erases the cookies provided by the 'new' www.chase.com online banking site launched this week and forces a time consuming 2nd security protocol.
1. The problem persists even when Chase setup instructions are followed, i.e. the site is saved as an Exception. 2. The problem emerges when the browser is closed -or- if the Chase site is accessed from another device between sessions. 3. The problem increases session count & data volume to dramatically increase user time, data plan cost and risk of credential intercept while conducting online banking with Chase. 4. The problem is accompanied by the lack of any information on sign-in or session security in effect for the new Chase online banking site. 5. A ticket was opened by Chase technical support 8/12/2016. No response todate.
All Replies (4)
Let's start here:
1. The problem persists even when Chase setup instructions are followed, i.e. the site is saved as an Exception.
I assume the exception is an "Allow" exception, and not an "Allow for Session" exception...
What is your standard cookie policy? You can review that on the Options page:
"3-bar" menu button (or Tools menu) > Options
In the left column, click Privacy. Then on the right, if the selector is set to "Firefox will: Remember history" you can change that to "Firefox will: Use custom settings for history" to view detailed settings.
Possible cookie policies:
- Block all cookies
- Allow session cookies ("Keep until: I close Firefox")
- Allow persistent cookies ("Keep until: they expire")
How about third party cookies? What is your setting for third party cookies?
2. The problem emerges when the browser is closed -or- if the Chase site is accessed from another device between sessions.
Do you have Firefox set to clear cookies when you close the browser? That overrides exceptions about which sites can set cookies -- that setting clears ALL cookies.
You can double check that on the Options page: If you have a checkmark for "Clear history when I close Firefox", click the Settings button to the right and make sure that Cookies are NOT selected.
If you do not have Firefox set to clear cookies at shutdown, some other ways the cookie might get cleared are:
- An extension that manages cookies clears them at shutdown or statup
- An external program cleans Firefox data
- Your cookies.sqlite database file becomes locked or corrupted
Regarding that last one, you could remove the file (effectively clearing all cookies) and have Firefox create a fresh one. If you want to try that:
Open your current Firefox settings (AKA Firefox profile) folder using either
- "3-bar" menu button > "?" button > Troubleshooting Information
- (menu bar) Help > Troubleshooting Information
- type or paste about:support in the address bar and press Enter
In the first table on the page, click the "Show Folder" button. This should launch a new window listing various files and folders in Windows Explorer.
Leaving that window open, switch back to Firefox and Exit, either:
- "3-bar" menu button > "power" button
- (menu bar) File > Exit
Pause while Firefox finishes its cleanup, then rename cookies.sqlite to something like cookies-old.sqlite. If you see a file named localstore.rdf, rename that one to localstore.old.
If you see other similarly named files like cookies.sqlite-shm and/or cookies.sqlite-wal, you can delete those.
Start Firefox back up again. Can it remember persistent cookies now?
MY RESPONSES APPEAR BELOW IN ALL CAPS.
Firefox V48.0 erases the cookies provided by the 'new' www.chase.com online banking site launched this week and forces a time consuming 2nd security protocol.
jscher2000 Aug 13, 2016, 1:43:51 AM Let's start here: 1. The problem persists even when Chase setup instructions are followed, i.e. the site is saved as an Exception. I assume the exception is an "Allow" exception, and not an "Allow for Session" exception... CORRECT What is your standard cookie policy? You can review that on the Options page: "3-bar" menu button (or Tools menu) > Options In the left column, click Privacy. Then on the right, if the selector is set to "Firefox will: Remember history" you can change that to "Firefox will: Use custom settings for history" to view detailed settings.
[CHECKED] ACCEPT COOKIES FROM SITES EXCEPTIONS [WWW.CHASE.COM ALLOW] ACCEPT THIRD PARTY COOKIES [FROM SITES VISITED] KEEP UNTIL [I CLOSE FIREFOX] Possible cookie policies: • Block all cookies • Allow session cookies ("Keep until: I close Firefox") Allow persistent cookies ("Keep until: they expire") THERE IS NO SEPARATE SETTING TO ALLOW PERSISTENT COOKIES IN FIREFOX 48.0] • How about third party cookies? What is your setting for third party cookies? 2. The problem emerges when the browser is closed -or- if the Chase site is accessed from another device between sessions. Do you have Firefox set to clear cookies when you close the browser? YES
That overrides exceptions about which sites can set cookies -- that setting clears ALL cookies. ? You can double check that on the Options page: If you have a checkmark for "Clear history when I close Firefox", click the Settings button to the right and make sure that Cookies are NOT selected. I DID THIS AND COOKIES IS N O T CHECKED
REGARDING THE BELOW. I AM RUNNING NORTON 360 WHICH ALSO CLEARS SESSION COOKIES DURING ITS ANTI-VIRUS SCAN. IT HAS NEVER BEFORE CLEARED PERSISTENT COOKIES. IT NOW CLEARS THE NEW CHASE.COM COOKIES.
MY CONCLUSION IS THAT CHASE IS USING SESSION RATHER THAN PERSISTENT COOKIES IN IT’S NEW SKIN.
I OPENED A TROUBLE TICKET TO THIS EFFECT WITH CHASE TECHNICAL SUPPORT 8/12/2016 BUT HAVE HEARD NOTHING IN 24 HOURS. I WOULD APPRECIATE A CLOSER LOOK AT THIS AND A CALL AT 847 304 6657. RCRoss
RCRoss said
MY CONCLUSION IS THAT CHASE IS USING SESSION RATHER THAN PERSISTENT COOKIES IN IT’S NEW SKIN.
You can check in "real time" when you are on the site. Call up your Chase cookies using the Page Info dialog as follows:
- right-click (on Mac Ctrl+click) a blank area of the page and choose View Page Info > Security > "View Cookies"
- (menu bar) Tools > Page Info > Security > "View Cookies"
- click the padlock or "i" icon in the address bar, then the ">" button, then More Information, and finally the "View Cookies" button
In the dialog that opens, the current site should be pre-filled in the search box at the top of the dialog (if it doesn't have chase.com, enter that there).
I don't know which cookie is the important one, and any important data should be encoded so you might not be able to tell either, but if you click the first one and look at the bottom of the panel, it should tell you whether that particular cookie is a session cookie only or expires later. You can arrow down through the cookies to tell whether there are ANY persistent cookies, or only session cookies.
Thank you for your responses. The problem disappeared at 12 Noon 08-14-2016. www.chase.com delivered 26 session cookies and 1 permanent (6 month) cookie upon login. A second permanent (1 day) cookie was delivered upon login under a separate chase.com id. All survived closing and re opening Firefox 48.0. None survived a Norton 360 scan [with remove cookies activated]. All survived a Norton 360 scan [with remove cookies 'ask me' activated.