That just means you are saving cookies that other sites can later access and use to follow you around the net. If typing your account info is tedious, try installing a password manager such as lastpass. It will fill in your account details so all you have to do is press enter. This will allow you to clean out the cookies and other privacy related junk droppings (like every time you close your browser) that so many sites use these days to keep tabs on you.
Your browser should *not* allow other site(s) to access your cookies. Using an open source browser is a good choice in this regard.
Browser does not send header before an SSL handshake is established (encrypted communication)
There is no practical way for someone to read your cookies, unless they have access to our private key, or the signing key, or they are using a quantum computer. (in that case all bets are off)
These cookies are set by companies used by DR1, which are created so that the third party can provide their service(s), but we do not use these cookies or the data.
__cfduid
Set by cloudfare. The __cfduid cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis.
Cloudfare is a service that sits 'in front' of the dr1.com server, for the purpose of protection.
__gads
Set by Google. used to distinguish / track users for Google Ads.
Google ads are displayed on this web site to generate some revenue (to attempt) to cover expenses.
__utma
Set by Google. Lasts up 2 years, Used to distinguish users and sessions. (used by Google Ads)
__utmz
Set by Google. Lasts up to 6 months. Keeps track of the referral source that brought you to the site.
_ga
Set by Google. Lasts up to 2 years, is used to distinguish / track users for Google Anaylytics.
Google Analytics is a freemium web analytics service offered by Google that tracks and reports website traffic.
We may review the traffic data to our web site in summary form, in order to understand traffic as an overall whole - but we never (do not normally) isolate specific users and track their activity.
One exception would be if a user was attempting to make unauthorized / illegal use of our service(s).
Or, if a legitimate authority made a bonafide request for the data (it never happened here, to my knowledge).
These are cookies set by the dr1.com server. The software uses the cookies automatically, to provide the forum service. We do not specifically read or make any use of the cookies besides what the software does automatically.
These keep track of what you've seen, so it can allow you to see "new" posts.
vb_lastactivity
vb_lastvisit
vb_thread_lastview
vb_userid - your account #
vb_password
It appears to be a hash of your password, but is not stored in the user table. If an attacker gets the user table they do not automatically get your hash.
It's 16 bytes represented by 32 char hex string. it might be better to represent with base64, as a 22 char string, because it would require less space. or, could represent 24 random bytes in the same space.
vb_sessionhash
this is used in the session database to keep track of your login status and associate you with your user credentials.
editor_height
used to 'remember' the size of the edit box.