Top Lock
Anonymizer.com   Bottom Lock


SUPPORT CENTER:
Anonymizer Privacy Manager
Anonymizer Private Surfing
Anonymizer Privacy Toolbar
Total Net Shield
Anonymizer Dialup
Other Software






Cookie Authentication

What is cookie authentication?

Cookie authentication ensures that users accessing our paid services are authorized to do so. It allows us to securely authenticate our users while preserving their privacy at the same time.

Why are we using cookie authentication?

The short answer is that using cookies allows us to quickly authenticate users without any of the drawbacks of other login techniques. For a more detailed discussion, please see our page about why the Anonymizer uses cookies.

Many sites use cookies without telling you. We not only want you to be aware that we are using cookies, but we also want to keep you informed as to exactly what each cookie is used for. We do not use cookies to track you. All of our important cookies are session-only and protected cryptographically.

What is stored in the Authentication Cookie?

The cookie contains your encrypted username, a timestamp, and our digital signature. The encrypted username is used for URL Encryption™; it ensures that each URL is encrypted uniquely to each user. The timestamp tells us when your surfing session will expire. The signature guarantees that the cookie cannot be tampered with and ensures us that you are, in fact, a legitimate user. The cookie will have the form (but not the content) identical to this actual example:

Anonymizer_Auth_Expires =
9fc7c85950dd9570f93b918546c7e1ab:
943235014:
ba66c29ea3182b44f9aefe9baf4bdfdbec0ea2d9


The first part (before the first colon), 9fc7c85950dd9570f93b918546c7e1ab in this example, is the hexadecimal (base-16) representation of your encrypted username. It is used to ensure that each URL visited using URL Encryption™ is encrypted uniquely to every user; it ensures that no one else can decrypt them but you. The second item (between colons), 943235014 in this example, represents the time (in UNIX terms) when your authentication expires. The third part (after the second colon), ba66c29ea3182b44f9aefe9baf4bdfdbec0ea2d9 in this example, is our digital signature. For those familiar with cryptography, this is a secure, one-way cryptographic hash of the user and expiration information.

Does this cookie get stored on my hard drive?

Absolutely Not. The cookie we are sending is what is known as a "session cookie." This type of cookie is held only until your current browsing session is over. When you quit the browser, it disappears. At no time is it ever permanently recorded on your computer.

How can I use cookie authentication?

Just enable cookies in your browser and login as normal.

Cookies can be enabled in Netscape via Edit->Preferences->Advanced->Cookies. Then either choose "Accept all cookies," "Warn me before accepting a cookie" or both.

In Internet Explorer:
Tools->Internet Options->Security->Custom Level->Cookies and under Allow per-session cookies check either Prompt or Enable.

If you are an AOL user:
Go to the Start menu and select Settings->Control Panel->Internet Options then select either Prompt or Enable under Allow per-session cookies.

We highly recommend that curious users inspect our cookie before accepting it to verify all that we have said. The Prompt option under most browsers will show you the cookie before you accept it.

Does this mean other sites can give me cookies?

No. The Anonymizer destroys any other cookie it sees by default. Likewise the Anonymizer does not pass our cookie along to sites you visit. It is part of the cookie specification that it can only be seen by us.

If you want to use a site that requires cookies, you can use our Safe Cookies™ feature.

Where can I learn more about cookies?

We recommend http://www.cookiecentral.com.

Contact Us | Terms of Use | Privacy Policy | ©2003 Anonymizer.com