)
near the lower-right corner of the browser window whenever a site that
fits the category sets a cookie. When this icon is displayed, you can click
it to get information about the affected cookies.A cookie is a small amount of information on your computer that is used by some sites. For a brief overview, see What Are Cookies and How Do They Work?
Before loading a web page that uses cookies, your browser handles the page's cookies by doing two things:
You can specify how cookies should be handled by setting your Cookies
preferences. The default setting is Allow all cookies
.
To change your Cookies preferences:
For more information about the effect of each setting, see Privacy & Security Preferences - Cookies.
[Return to beginning of section]
To set cookie permissions for the current site:
To set cookie permission for several sites or a site you are not viewing, use the Cookie Manager.
If you have selected Ask for each cookie
in
Privacy & Security Preferences -
Cookies, you will be warned (while browsing) that a web site is asking to
set a cookie. When you see such a warning, you can choose to
Allow, Allow for Session, or Deny the cookie.
Other dialog options:
allowor
denyresponse will still be in effect.
If you want to change a remembered response later, use the Cookie Manager to edit stored cookies and add or remove cookie sites.
To stop automatically accepting or rejecting cookies from a site:
[Return to beginning of section]
To view detailed information about cookies:
For more information about the information displayed, see Stored Cookies.
[Return to beginning of section]
Important: To remove cookies, follow the steps in this section. Do not try to edit the cookies file on your computer.
To remove one or more cookies from your computer:
Even though you've removed the cookies now, you will reacquire those same cookies the next time you return to the site.
To prevent that from happening, select the checkbox labeled Don't
allow sites that set removed cookies to set future cookies
. When this
checkbox is selected, sites for the cookies that you are removing are
added to the list of sites whose cookies will automatically be rejected.
You must click OK for your changes to take effect.
[Return to beginning of section]
Many sites develop and publish their privacy policies based on the Platform for Privacy Preferences (P3P) standard. The information that follows applies only to sites that post a privacy policy based on the P3P standard and the browser's implementation of that standard. The browser's implementation may not be, in all cases, identical to the standard published by the World Wide Web Consortium.
A site's P3P privacy policy describes, in a standardized way, what kind of information the site collects, to whom it gives that information, and how it uses the information. For information about viewing a site's privacy policy, see Viewing Privacy Policies.
&brandShortName;'s implementation of the P3P standard defines three levels of privacy: low, medium, and high (the default is medium). You can select one of these predefined privacy levels, or you can specify your own custom privacy settings in detail. Once you have set your preferred privacy level, your browser can compare your preferences with the site's P3P policy (if any) and accept or reject cookies accordingly.
For example, your privacy settings may require the browser to reject cookies that collect personal information without informing you. Alternatively, you can adjust your privacy settings so that the browser simply warns you when a cookie is used in this way, while allowing the action to take place.
To control the privacy settings you want your browser to enforce for all sites:
Allow cookies based on privacy settings.
customand specify your own privacy settings as discussed below.
Your browser handles cookies according to the settings you select. If you do not select a preferred setting, the browser defaults to medium. The low, medium, and high options are predefined by &brandShortName;. For more information about these predefined options, see Privacy Settings.
When the custom
option is selected, you can specify your own
privacy settings in detail. Depending on the P3P policy of the site setting
the cookie, and depending on whether or not the site setting the cookie is
the one you are viewing, you can select whether you want the Cookie Manager
to accept the cookie, reject it, accept it just for the current session (that
is, until you exit the browser), or flag it.
If you choose Reject, Flag, or Session for a given category of cookies, the
Cookie Manager displays the cookie notification icon
()
near the lower-right corner of the browser window whenever a site that
fits the category sets a cookie. When this icon is displayed, you can click
it to get information about the affected cookies.
First party cookies
are cookies set by the site you are
visiting. Third-party cookies
, also known as
foreign cookies,
are set by sites other than the one you are viewing.
For more details, see Privacy Settings.
[Return to beginning of section]
This section describes how to set your Cookies preferences and control other aspects of cookie handling.
For step-by-step descriptions of various tasks related to cookies, see Using the Cookie Manager.
Your browser is set by default to accept all cookies. This section describes how to use the Cookies preferences panel to change that setting. If you're not already viewing it, follow these steps:
Cookies help sites keep track of information for you, such as the contents of your on-line shopping cart or which cities' weather you want to know about. For a brief overview, see What Are Cookies and How Do They Work?
You can select one of these options:
Note: Blocking cookies does not remove old cookies. By blocking cookies you only block sites from setting new cookies, and old cookies will still be sent to sites. To completely block a site from receiving old cookies, you need to remove its cookies.
Note: Per-site cookie permission
supersedes default cookie setting. For example, if you allow a site to set
cookies, the site can set cookies even if you choose Block cookies
.
If you allow cookies or do not change the default setting, you can also select the following preferences:
You can also get more information about your stored cookies:
This section describes how to use the Stored Cookies tab of the Cookie Manager. If you're not already viewing it, follow these steps:
The Stored Cookies tab lists all the cookies stored on your computer, the sites they belong to, and their current status.
If you can't see the Status column, click the icon in the upper-right corner of the table and select Status. This column indicates which cookies have been flagged or accepted according to your Privacy Settings.
When you select a cookie in this list, the following information about that cookie appears in the bottom portion of the tab:
| Item | Explanation |
|---|---|
| Name | The name assigned to the cookie by its originator. |
| Information | A string of characters containing the information a site tracks for you. It might contain a user key or name by which you are identified to the site, information about your interests, and so forth. |
| Host or domain | Provides the name of the cookie's host or domain.
A host cookie is sent back, during subsequent visits, only to the server that set it. A domain cookie is sent back to any site that's in the same domain as the site that set it. A site's domain is the part of its URL that contains the name of an organization, business, or school—such as netscape.com or washington.org. |
| Path | The file pathway. This is provided only if the cookie should be sent back to all URLs that are on that path or lower. For example, http://a.b/x/y/z.html means that the cookie can also be set for path x/. |
| Send For | When this field is For encrypted connections onlyit means that the browser checks the connection whenever the server asks for a cookie and will not send it unless the connection is encrypted (HTTPS). |
| Expires | The date and time at which the cookie will be deactivated. The browser regularly removes expired cookies from your computer. |
To remove cookies, click one of these buttons:
Select this checkbox to prevent the cookies you remove from being added back into the list later:
Even if you remove cookies now, you will reacquire those same cookies the next time you return to the site. To prevent that from happening, select this checkbox. When this checkbox is selected, sites for the cookies that you are removing are added to the list of sites whose cookies will automatically be rejected.
You must click Close for your changes to take effect.
This section describes how to use the Cookie Sites tab of the Cookie Manager. If you're not already viewing it, follow these steps:
The Cookie Sites tab of the Cookie Manager lists the sites for which your decisions have been remembered, and what your decisions were. It also allows you to add and remove sites from the list.
To add cookies sites manually:
To remove a cookie site:
Once you've removed a site from this list, Cookie Manager remembers
nothing about it. If the Ask for each cookie
option is selected in
the Cookies preferences panel, you will be warned when any site not in this
list requests permission to set a cookie.
This section describes how to use the Privacy Settings window. If you're not already viewing it, follow these steps:
Allow cookies based on privacy settings.
For more information about using privacy settings, see Setting Privacy Levels.
The level of privacy you set here determines how your browser treats cookies according to privacy policies based on the P3P standard that published by some sites and on the settings displayed under Cookie Acceptance Policy for first-party and third-party cookies.
First party cookies
are cookies set by the site you are
visiting. Third-party cookies
, also known as
foreign
cookies, are set by sites other than the one you are viewing.
You can select one of the following privacy levels:
When this setting is selected, the browser accepts all third-party
cookies, but flags third-party cookies from sites that
indicate they may collect personally identifiable information without
your consent. Flagged cookies are listed as flagged
in the
status column of the Cookie Manager's
Stored Cookies tab.
When a cookie is first flagged, the Cookie Manager displays the cookie
notification icon () near the
lower-right corner of the browser window (if it's not already
present). You can click the cookie notification icon to see more detailed
information about the flagged cookies.
customare whatever they happened to be just before you select this option. You can modify them by selecting from the drop-down menus in the Cookie Acceptance Policy portion of the dialog box.
To see the exact effect of each privacy-level setting, select it and then examine the Cookie Acceptance Policy settings.
If you select the custom option in the top portion of the Privacy Settings dialog box, you can choose one of four settings from the drop-down list in each of the eight categories shown in the bottom portion. These settings cause Cookie Manager to perform the following actions:
flaggedin the status column of the Cookie Manager's Stored Cookies tab and display the cookie notification icon.
The cookie notification icon () appears near the
lower-right corner of the browser window. You can click it to get information
about the affected cookies or modify your privacy settings.
Sites are classified in four categories for each of the two types (first-party and third-party) of cookies:
The cookie notification icon () is displayed in the
status bar near the lower-right corner of the browser window. It appears when
a site has used a cookie in a way that requires you to be notified
according to your current Privacy
Settings.
This section describes how to use the Cookie Notification dialog box, which appears when you click the Cookie Notification icon. You can take the following actions from this dialog box:
Enable all cookiesin Privacy & Security Preferences - Cookies. After you take this action, your browser will accept all cookies.
For more information about using privacy settings, see Setting Privacy Levels.
Many sites require you to type a user name and password before you can enter the site. For instance, personalized pages and sites containing your financial information usually require you to log in.
The user name and password you use at a particular site can be read by the site's administrator. Potentially, that person could then attempt to log into other sites where you may have used the same user name and password. If this concerns you, you may wish to use a different password at every site with which you register.
Password Manager can help you remember some or all of your names and passwords by storing them on your computer's hard disk, and entering them for you automatically when you visit such sites.
When Password Manager is active (as it is by default), it gives you an opportunity to save user names and passwords on your hard drive that you enter while using the Internet.
For example, after you log onto a site from a page that requests a user
name and password, a dialog box appears asking, Do you want Password
Manager to remember this logon?
When you see this dialog box, you can
click one of the following buttons:
Similarly, when you log onto an email account or an FTP site, or perform any other action that requires the browser itself to display a special dialog box for your login information, you can select this option in the dialog box:
The next time you check your email or perform other tasks that require a password only, the password will be submitted directly without any further action on your part. For tasks that require you to enter both a user name and password, you need to click a Login button or equivalent after Password Manager fills in the information.
Password Manager saves your user names and passwords on your own computer in a file that's difficult, but not impossible, for an intruder to read. See Encrypting Stored Sensitive Information for information on protecting your stored user names and passwords with encryption technology.
If the Password Manager dialog box described above does not appear when you click Submit after typing your user name and password, Password Manager may be turned off or the site may disallow its use.
To check whether Password Manager is currently active, see Turning Password Manager On and Off.
[Return to beginning of section]
There are two different ways that Password Manager can fill in user names and passwords on your behalf:
The next time you visit the site, Password Manager automatically fills in your user name and password on the site's log in page. You can then click the Login button, or equivalent, to send the information to the server.
Use Password Manager to remember these values.
In most cases, the next time you attempt to access that server, Password Manager automatically fills in your user name and password in the same dialog box. You can then click OK to send the information to the server.
In some cases, such as when you open your email account, &brandShortName; needs to send only the password to the server, and does so immediately without displaying the dialog box or requiring any further action on your part.
[Return to beginning of section]
Password Manager is on by default. To turn it off:
Remember passwordsto turn Password Manager off.
To turn Password Manager on, follow steps 1 and 2 above, but select the checkbox in step 3 rather than deselecting it.
[Return to beginning of section]
To see the user names and passwords you have stored and to display a list of sites from which logon information never is saved:
[Return to beginning of section]
Many web pages contain forms for you to fill out—order forms for online shopping, information databases, and so forth.
Form Manager can save the personal data you enter into online forms, such as your name, address, phone, credit card numbers, and so on. This information is stored on your hard drive. Then, when a site presents you with a form, Form Manager can fill it in automatically.
By default, when you fill out an online form and click Submit, Form Manager detects the form and displays a dialog box asking if you want to save the personal data you just entered. Soon, Form Manager will have enough data to begin filling out forms automatically.
There are two ways to save personal data:
Note that Form Manager prompts you only if its automatic notification feature is turned on. (This feature is turned on by default.) For details, see Turning Off Form Manager Notification.
When Form Manager asks if you want to save values that you've entered in a form (the first method described above), it gives you three options:
You may want to do this if you want to ensure that you'll always have to enter sensitive information manually at a particular site. You can change your mind later if you like; for details, see Editing Stored Site Information.
Form Manager stores your personal data on your own computer in a file that's difficult, but not impossible, for an intruder to read. See Encrypting Stored Sensitive Information for information on protecting your information with encryption technology.
[Return to beginning of section]
You can use the Form Manager to fill out forms automatically in two ways: either one field at a time, or multiple fields at once. In both cases, the information is not actually sent to the site until you click the Submit button or perform some similar action.
To fill out a single field automatically in an online form, double-click in the field. If Form Manager has stored the data for that field, it will fill it in. You can edit the filled-in data if necessary.
To fill out multiple fields in an online form all at once:
Note that the Fill in Form menu item won't be accessible if the Form Manager hasn't yet stored any relevant information.
Important: You can also choose to bypass this dialog box in the future. However, if you bypass this screen, you risk filling in personal information (such as your credit card number) inadvertently. For details, see below.
The form is now filled in with the saved information. You may still need to provide some additional information that the Form Manager does not have available. The information is not actually sent to the site until you click Submit or perform some similar action.
In addition to providing a convenient way to confirm saved data and fill in a form all at once, the Prefill Form Data dialog box is useful for two reasons:
For example, it's possible for a site to hide a field on a form where you can't see it and specify that field to be a credit card number. If you prefill the form without first examining the information displayed in the Prefill Form Data dialog box, you may end up providing your credit card number to such a site without realizing it. Prefill Form Data lets you see every value that will be provided to the site, allowing you to detect such tricks.
For a detailed description of the Prefill Form Data dialog box, see Prefill Form Data.
[Return to beginning of section]
Form Manager is set to prompt you to save information whenever you submit an online form that includes certain kinds of information, such as your name and address. To stop these messages from appearing on your screen:
Save form data from web pages when completing forms.
Note that deselecting this option turns off the notification feature, but not Form Manager. The form data it may have already collected is still available.
You can still open the Edit menu and choose Save Form Info any time you want to save information from a form you've just filled in, or choose Fill in Form (or double-click each field) to fill in a form automatically.
[Return to beginning of section]
To examine or edit personal data that Form Manager has saved:
The Form Manager dialog box for editing data appears. Click the subcategories on the left to view or edit the corresponding data in the panel on the right. To view subcategories that aren't visible, double-click a category to expand the list.
To add information not currently included in one of the drop down lists on the right, select the blank item and start typing. Similarly, select existing text to edit or delete it.
The last category on the left side, Other Saved Information, includes panels for two special kinds of data:
[Return to beginning of section]
As explained in Saving Form Data, you can
choose Never for this site
when Form Manager prompts you to save
data you've entered in a form. Similarly, you can choose not to display
the Prefill Form Data dialog box on a site-by-site basis.
Form Manager lets you change your mind about these decisions at any time. To view site-specific information about your saved form data:
The Form Manager dialog box for managing sites appears:
To remove a site from either list and thus restore the default behavior, select the site and click Remove. For more details, see Form Manager - Sites.
[Return to beginning of section]
When you provide personal information such as your name, phone number, or email address to a site, or when the site collects personal information in other ways, the site can use the information for its own purposes (such as shipping you a product or customizing your browsing experience) and can potentially share it with others.
Before providing personal information on an online form, you must decide whether or not you trust the site—just as you judge whether or not you trust a catalog company before you provide your credit card number on the company's order form.
One way to evaluate a site's trustworthiness is to examine its published privacy policy. Sites publish privacy statements online, and some of them publish such statements based on the Platform for Privacy Preferences (P3P) standard and the browser's implementation of that standard.
A site's privacy policy describes what kind of information the site collects, to whom it gives that information, and how it uses the information. Sites publish privacy policies in both human-readable form and as a file that can be interpreted by the browser according to your Privacy Settings.
To view a site's privacy policy, browse to the site and follow these steps:
Many web pages are made up of a variety of text, images, advertisements, and other elements, some of which may be controlled by different companies.
To view the same information for any individual element of the web page:
For more information on controlling your privacy, see Setting Privacy Levels.
[Return to beginning of section]
When you fill out an online form, Form Manager normally detects the form and, when you click Submit, gives you an opportunity to save the data you entered.
This section describes the preferences and other settings that control the way Form Manager works.
For step-by-step instructions on using these settings, see Using the Form Manager.
This section describes how to use the Forms preferences panel. If you are not already viewing it, follow these steps:
When you fill out an online form and click Submit, Form Manager displays a dialog box that asks if you want it to save the form data you just entered (but only some of the filled-in fields include standard ones such as name and address).
If you click Yes at least some of the time, Form Manager will soon have enough data to begin filling out forms automatically.
Form preferences allow you to:
Note that deselecting this option turns off the notification feature, but not Form Manager. The form data it may have already collected is still available. You can still open the Edit Menu and choose Fill in Form or Save Form Info.
This section describes how to use the window that allows you to edit data saved on your behalf by the Form Manager. If you are not already viewing this window, follow these steps:
The Form Manager window for managing stored form data allows you to perform two tasks:
To add information not currently included in one of the drop down lists on the right, select the blank item and start typing. Similarly, select existing text to edit or delete it.
The last category on the left side, Other Saved Information, includes panels for two special kinds of data:
However, if the Form Manager hasn't yet stored your first and last name, it saves the full name (if you ask it to) as a single element in the Concatenations panel.
For step-by-step instructions on using the Form Manager, see Using the Form Manager.
This section describes how to use the dialog box that allows you to edit site information saved on your behalf by Form Manager. If you are not already viewing it, follow these steps:
The Form Manager window for managing sites has two tabs:
Bypass this screen when prefilling this form in the futureafter choosing Fill in Form from the Edit menu.
If you remove an entry from this list, Form Manager will again give you an opportunity to review form data for that site before filling it in.
Never for this sitein response to the Form Manager's request to store form data.
If you remove an entry from this list, Form Manager will again ask whether to store form data when you submit forms at that site (assuming that the main Form Manager notification option has been selected in Privacy & Security Preferences - Forms).
Regardless of which tab you are viewing, you can remove entries from the list as follows:
See the descriptions of each tab above for the consequences of removing entries.
For step-by-step instructions on working with form data, see Using the Form Manager.
This section describes the window that normally appears when you open the Edit menu and choose Fill In Form.
However, the Fill in Form menu item is enabled only if you have previously used Form Manager to save some form data and are now viewing a web page that is requesting some of the same data. For step-by-step instructions on working with form data, see Using the Form Manager.
The Prefill Form Data window allows you to perform these actions:
Important: If you bypass this screen, you risk filling in personal information (such as your credit card number) inadvertently. For details, see Filling Out Forms Automatically.
If you change your mind about this decision, you can restore the Prefill Form Data window for this site. For details, see Form Manager - Sites.
If you use Password Manager or Form Manager to save passwords and personal data, then this sensitive information is stored on your computer in a file that's difficult, but not impossible, for an intruder to read.
For example, if your computer is in an area where unauthorized people have access to it, it's possible for a determined person to read the file containing your sensitive information.
For a greater degree of security, you may want to protect the file with encryption. Encryption makes it much harder for an unauthorized person to view your stored sensitive information.
Your decision about whether to use encryption for stored sensitive data is a tradeoff between improved security and convenience.
If you use encryption, you will need to enter a master password periodically, which can be inconvenient. If you don't, it may be easier for a stranger who has access to your computer to steal your passwords.
To turn on encryption for your stored sensitive information:
Use encryption when storing sensitive data.
To turn encryption off, deselect Use encryption when storing sensitive
data
.
You must supply your master password when you turn encryption on or off.
[Return to beginning of section]
If you choose to encrypt your stored sensitive information, you'll need a master password. With encryption selected, you'll be asked for your master password at least once during a &brandShortName; session in which you access any of your stored sensitive information.
If you choose encryption, but don't already have a master password, you'll be prompted to create one the first time you try to save or retrieve your sensitive information.
If your master password has not previously been set, you can set at this time:
Make sure your new password is difficult to guess. For some suggestions on how to improve password security, see Choosing a Good Password.
[Return to beginning of section]
To change your master password:
Make sure your new password is difficult to guess. For some guidelines, see Choosing a Good Password.
[Return to beginning of section]
Normally, you are asked for your master password once during each &brandShortName; session during which you access any of your stored sensitive information.
It's also possible to require that your master password be requested each time it is needed, or after a certain amount of time has passed. For details, see Master Password Timeout.
You can log out of your master password so that it must be entered again before any sensitive information can be stored or retrieved. This is useful if you are going to leave your computer unattended for a period of time.
To log out of your master password:
[Return to beginning of section]
If you forget your master password and you have chosen to encrypt sensitive data (see Encrypting Stored Sensitive Information), you won't be able to access any of the stored password and form data that it protects (assuming you have turned on encryption). Your master password is your most important password. Make sure you remember it or record it in a safe place.
As a last resort, it's possible to reset your master password if you are sure you can't remember it. However, resetting your master password permanently erases all the web passwords, email passwords, and form data saved on your behalf by Password Manager and Form Manager. You will also lose all your personal certificates associated with the Software Security Device.
Before taking this drastic step, read Reset Master Password.
If you are sure you can't remember or retrieve your master password, follow these instructions to reset it:
[Return to beginning of section]
If you wish, you can choose not to download any images when you browse the web. This greatly restricts what you can view online, but may be helpful if you have a slow connection and wish to shorten the time it takes web pages to load.
You can also control how frequently animated images repeat their animation, or turn off animation completely.
The next section describes how to control these image settings. The default settings allow all images to be accepted and allow them to repeat their animation.
This section describes how to set preferences for images. To view the preference settings for images:
Image Acceptance preferences allow you to control whether and where Navigator displays images:
These settings control how many times animated images repeat their animation:
Copyright © 2003-2010 The Mozilla Foundation.