What are cookies, exactly, and are they good or bad? Cyber security experts break it down

Some of the products written about here are offered in affiliation with AOL. We may receive a share from purchases made via links on this page. Pricing and availability are subject to change.

Young professional staying at home
Chances are you've gotten notifications from several websites asking for permission to give you cookies. Find out what that means. (Photo: Getty)

It's pretty much inevitable now: You visit a website and get a notification that encourages you to read the company's cookie policy. Then, the site asks if they can have your permission to give you cookies.

Odds are, you just click through, don't bother to read the policy and carry on with your web browsing, because who has time for that? But cookies enable websites to track your movements, and it's understandable that you might not be okay with that — or even really aware of what's actually happening.

Everyone has cookies, but not everyone knows how to delete cookies from your computer, or even why that matters. One quick and easy way to delete cookies that track you online is to download a software like McAfee Data Secure, which removes cookies and temporary files from your computer for you. The software also blocks viruses, malware, spyware and ransomware attacks.

Try McAfee Data Secure free for 30 days, then $9.99 per month*

But what are cookies, exactly, and why is deleting them important in certain cases? Cyber security experts break it all down.

A middle-aged woman working from home on laptop.
Not sure what cookies are? Cookies are small pieces of data that identify your computer to a website with a unique code. (Photo: Getty)

What are cookies, again?

Joseph Steinberg, cyber security and emerging technologies advisor, tells Yahoo Life that "cookies refer to one or more small pieces of data" that identify your computer to that website with a unique code. The cookies are sent by a web server to your device while you're on that server's website.

Your computer stores that cookie and, when you visit that website again, "the server can recognize that the device is the same one as was used previously," Steinberg explains.

Cookies are "heavily utilized by marketing firms who can target your interests and buying habits," tech and cybersecurity expert Chuck Brooks, president of Brooks Consulting International, tells Yahoo Life. Cookies are the reason why you might be eyeing a new pair of sandals on one website and then see ads for that same pair of sandals when you're on other websites.

Why do you get asked if a website can give you cookies?

Your so-called "cookie persona" can be shared with or sold to companies, Brooks says. A European data protection and privacy law called the General Data Protection Regulation (GDPR) "has recognized this as a threat to consumer privacy," Brooks says. As a result, he adds, "it is one reason that many sites are asking permission to track your personal data."

Try McAfee Data Secure free for 30 days, then $9.99 per month*

Are cookies good or bad?

They can be both. "Cookies can be extremely useful – and many common activities would be difficult without them," Steinberg says. "Authentication cookies, for example, allow a user who logs into a website to click and view multiple pages on the site without having to re-authenticate each time he or she tries to access another page requiring authentication."

Cookies are generally broken into two groups:

  • Session cookies, which expire immediately after you're done being online

  • Persistent cookies, which stick with you during many different web sessions

"Cookies can also allow a site to remember a user’s username — without authenticating the user — or other personalization preferences," Steinberg says.

But cookies aren't always great. Privacy issues are one thing to consider. "It is best to know who is following your activities, and you should review and clean out cookies that may be unwanted," Brooks suggests.

Steinberg says: "One of the problems with cookies is that many sites now use third-party cookies. Many sites, for example, may present banner ads from the same ad provider, and the code from that provider can send and receive cookies to run on all of those sites, enabling it to track your activity across multiple sites."

Bearded senior man making notes while watching online guitar course on laptop at home
Not all cookies are bad. Some can be very useful, say experts. (Photo: Getty)

How to delete cookies

How often you should delete your cookies and which ones to get rid of depends on the device you're using. "If you are using a work device, I recommend using blanket-clean outs," Brooks says. Meaning, you should get rid of all of your cookies on a regular basis.

"On personal devices, I would review the cookies often and remove ones that you do not want continually tracking you," Brooks says.

Every web browser is slightly different, but in Chrome for example, these are the steps you would need to take to delete cookies:

  1. Click the three dotted lines in the upper right corner (the tools menu)

  2. Select "history"

  3. Check "clear browsing data" and set the range to "all time" or a specific time period (if you know you don't want to get rid of cookies from before a certain date)

  4. Check "cookies and other site data" and "clear data"

  5. Quit out of browser to save your changes

Don't feel like doing that on a regular basis? Software like McAfee Data Secure can take care of it for you, weeding out the cookies you don't want while keeping the ones you do.

Cookies aren't inherently bad, Steinberg points out —but what companies do with the information they gather can be in some cases.

Try McAfee Data Secure free for 30 days, then $9.99 per month*

*To avoid being charged the recurring subscription fee, simply cancel before the free trial period ends.