OWASP ASVS: Authentication of User

From browser history, which makes your sensitive data retrievable for unauthorized persons.

As we login to multiple sites, does browser history saves the sensitive data such as username and password?

I could not find it.

https://www.owasp.org/index.php/Testing_for_Credentials_Transported_over_an_Encrypted_Channel_(OTG-AUTHN-001)

1 Like

Hi
Every site should ask you which cookies are are planning to use and you can adjust/choose the setting for it.
Also same rule apply username and password , unless u choose to save password.
if you do not want browser to save the history then u can set that in advanced setting and also another option to use incognito mode