Is it generally okay to retain cookies for sites that I trust?

DutchBaby · September 11, 2025, 1:40am

I have my Brave browser configured pretty much as recommended on here. I have Forget Me turned on for every site except for banking sites, since they already know who I am (and I’ve already been locked out of a bank account once for having to log in from “new devices” so many times).

For other sites, such as Proton Mail though, is there any harm to remaining logged in so that I don’t have to enter username/password/2FA every single time I want to get into it? I know that there would probably be harm if I did that with something like Gmail, but I’m more focused on my privacy focused stuff now anyways, and I use Mullvad for all generic searching.

JG · September 11, 2025, 6:53am

To answer your titular question: yes it is. No harm is ensuring you’re signed in to the sites you have to everyday or that you like. I have a few myself.

user1 · September 11, 2025, 1:05pm

Well there’s a risk of session cookies being stolen in case of an attack like the one that had Linus YouTube channel owned.
So if you are logged in you could potentially been exposed.

Using pwa could maybe mitigate this and the best protection is using a hw security key.

Topic		Replies	Views
Mullvad Browser is working on Persistent mode General	7	441	November 4, 2025
Marketing email received after browsing a website Questions	6	318	November 12, 2025
Privacy setup and some other questions Questions	16	825	September 2, 2025
What desktop browser should I use alongside Mullvad Browser? Questions browsers	39	1544	September 14, 2025
Which browser for my threat model? Questions	7	751	September 6, 2025

Is it generally okay to retain cookies for sites that I trust?

Related topics