The ‘Remember Me’ Dilemma: Convenience vs. Awareness

Written By John Germain

You’re logging into your bank account, or maybe your email, and there it is again. That little checkbox that says, “Remember this device.” It’s so tempting to just click it and move on. No more passwords and no more MFA codes the next time you log in.  

We all do this. Sometimes I do it too. But every now and then, I pause. Because that tiny box isn’t just about convenience, it’s about trust. When you check it, you’re telling the website or app, “I trust this device, and I trust that I can keep it safe.” But what if you’re wrong?

Why We Love “Remember Me”

The simple answer is no one wants to type in their password every single time if it can be avoided. Especially when logging in requires long passwords and a second challenge or multi-factor authentication. That checkbox is there to make life easier, and it does exactly that.

But the catch is this convenience often comes with a tradeoff. When you tell a site to remember your device, you’re also telling it to trust that device, and trust misplaced, can turn into risk.

When Does It Matter?

Not every “remember me” prompt is a big deal. Context matters. Here’s how I think about it:

  • Personal device, low-risk account? (Like a news site or public forum) I might click it.

  • Shared device or sensitive account? (Like banking, email, shopping app or work tools.) I pause and think twice.

It’s not about avoiding the feature completely. It’s about asking yourself:

  • Who else might use this device?

  • How sensitive is this account?

  • What’s the worst that could happen if someone else accessed it?

There are times when clicking this box is low risk, and that’s okay. But for accounts that hold personal data, financial info, or business details, it’s worth a second thought.

The Bigger Picture: Security Moments

This is what Security Moments are all about. It’s not about memorizing rules or living in fear of every little risk. It’s about recognizing the small choices we make every day and deciding what feels right for you.

For example:

  • If I’m on my home computer, I would probably check the box for say, an unpaid news app.

  • If it’s a streaming media or a social media account, I swear at myself a bit for being so paranoid, but I don’t click it.

  • If it’s my bank account, to me it’s a no brainer and I always say no.

  • If I’m on a public or shared device, I always skip it.

There’s no one-size-fits-all answer. It’s about being intentional and recognizing the moment. It’s so easy to click as a reflex these days, so it helps to train your brain to pause and assess.

What You Can Do

If you’re not sure, that just means you are being cautious, and that is a good thing. Trust that feeling and take a moment to think through the risks.

·         Does the site have your credit card or have access to financial information?

·         Does the site store personal information like your address or phone number?

·         Does anyone else have access to the device being used?

If any of these are true, don’t click the box. It will mean that every time you log in on that device, you will need to re-authenticate, but that is what the trade-off is all about.

Final Thought

These “remember me” prompts and its conveniences aren’t going away. They’re part of how we live and work now. The goal isn’t to avoid them, but to use them wisely.

So next time you see that checkbox, take a second. Ask yourself: Do I trust this device? Do I trust this situation? Then make the choice that feels right for you.

Check out this month’s Practical Moments which touches on this and similar topics. And for a deeper dive, read my latest Cyber Blog. You can also check out other similar topics and how Security Moments can help at www.securitymoments.com.

John Germain
Next

QR Codes: Convenient, Yes. Risk-Free, No.