I haven’t actually lost my phone or laptop, but it’s something I’ve always wondered about. Assume you lose a device, like a phone or laptop, which has a browser with active logins to a variety of sites like email, social media, bank, etc. Is there anyway that I can remotely force those sessions to logout?
A common recommendation is to change passwords, but will that do anything to the active session on the lost device? I could use my home computer to log into my websites and change passwords, but will that have any effect on the browser in my lost phone?
If you have lost an Apple laptop or phone, you can launch a nuclear strike. Okay, it’s really just a remote option to either lock the device or to wipe the hard drive. Either one has the same effect of preventing access to any browser security information.
I would be willing to bet Android has a similar feature.
Yes, Android has the same thing. Heck, I’ve lost my phone in my own house and had to log into my account to make it ring - will do that even in silent mode - so I could find the dang thing. But if lost I could brick it from the same remote login.
Apple’s ability to do that was amazing when my wife’s iPhone was stolen when we were on vacation. (I forget the name of the program, but I couldn’t get into it from my Android phone. Two hours later we found an internet cafe with a 5-year old Windows XP desktop, and it worked fine. She was able to track its position in a city 40 miles away, and totally bricked the thing. We were unfortunately not able to get it back.)
Here’s my question: I didn’t know this feature was available for Android. More info, please?
Search “Android Device Manager” - is attached to your Google account which is attached to your phone. You will need to re-enter your password, but the locator for my phone pops right up when I googled it in the next tab just now.
It sounds like there’s good capability for phones (which makes sense), but what about computers?
For example, you’re at the car repair shop and you use the computer in the waiting room to log into the SDMB to pass the time. If you forget to log out when you go home, is there anyway to expire the cookie that’s on the waiting room computer? Is the only way to go back to the tire store, open the browser, and logout?
I’ve seen gmail shows at the bottom if there are multiple sessions, but most other sites don’t have that. I’m hoping there’s a reliable way to expire all cookies across all sessions for my various web accounts so that everything gets logged out at the same time.
In general, does changing the password for an account expire all existing cookies?
Basically, no, there isn’t an easy after-the-fact way to expire all cookies across all sessions at the same time.
I’m not a web developer, but I’m pretty sure it’s a question of when and how the individual website has decided to set your cookie session to expire. For example, it could be set to expire after x minutes, or whenever the browser is closed, or after a set period of inactivity. Logging into the account from a 2nd computer might be the best bet to force it to expire because by doing that, you’ve created a new identifier for your account and the old one will no longer be valid. But for sites that like to aggressively track you, like Google as you mentioned or Facebook, it might take additional effort such as going into the security settings and manually logging out the previous session.
Any site with good security protocols, will log you out on one device, if you subsequently changed the password to the site on another device. Most banking sites, ebay, Facebook, Paypal, etc. do this.