If you’ve ever made multiple credit card payments on the same web site, you may very well have been shocked to learn that your browser had remembered your credit card information. This means that, if you send your machine in for repairs, the technician can easily use it for evil—and don’t even get me started on public computers.
The reason is that there are a lot of otherwise respectable web sites which neglect to use the
autocomplete attribute. Since every modern-day browser comes with form autocompletion, this is the sort of thing that’ll affect a lot of users. And while most payment gateways take all sorts of precautions to prevent abuse, having your credit card information in the wild is obviously still something you’ll want to avoid.
Luckily, most of those same modern web browsers also come with some implementation of private browsing these days. Not only are private browsing sessions great for looking at porn, but they are also invaluable if you’re going to be entering any sort of sensitive information. In Google Chrome, for instance, just hit Ctrl-Shift-N and you’re all set. Users of Mozilla Firefox can use Ctrl-Shift-P instead.
Of course, after reading this, your first instinct will probably be to clear your browser’s autocomplete data. However, if you’re using Chrome or Firefox, you don’t need to take such a drastic approach.
You see, both these web browsers store most of your data in SQLite databases, which are ordinary relational databases, each contained in a single file. The files I’m talking about are located in your Chrome user data directory or your Firefox profile folder. The former contains a database called
Web Data; the latter calls it
Now, if you grab the free command line SQLite client, you can freely play around with those databases. First, make sure you close all open browser windows, or the files will be locked. Then, fire up a Command Prompt window, navigate to your user data directory or profile folder, and enter either of these commands, depending on your browser:
sqlite3 "Web Data"
That should bring up an SQLite prompt, where you can now search for any table rows pertaining to sensitive information. For instance, if the first four digits of your card number were 5678, you would check for any values starting with that sequence using the following query:
SELECT * FROM autofill WHERE value LIKE "5678%";
SELECT * FROM moz_autocomplete WHERE value LIKE "5678%";
If that doesn’t return anything, then rejoice, for your credit card number probably isn’t stored in the file. Got some matches? Fear not, you can easily remove them. Just alter the query so it drops matching rows:
DELETE FROM autofill WHERE value LIKE "5678%";
DELETE FROM moz_autocomplete WHERE value LIKE "5678%";
.quit to get out of the SQLite client, restart your browser, and you’ll be good to go. Next time, remember to use porn mode!