{"id":238021,"date":"2026-05-30T03:26:34","date_gmt":"2026-05-30T08:26:34","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2026\/05\/google-chrome-adds-session-cookie-theft-protection-for-all-users"},"modified":"2026-05-30T03:26:34","modified_gmt":"2026-05-30T08:26:34","slug":"google-chrome-adds-session-cookie-theft-protection-for-all-users","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2026\/05\/google-chrome-adds-session-cookie-theft-protection-for-all-users","title":{"rendered":"Google Chrome adds session cookie theft protection for all users"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/google-chrome-adds-session-cookie-theft-protection-for-all-users.jpg\"><\/a><\/p>\n<p>Google says the Chrome Device Bound Session Credentials (DBSC) security feature is now generally available and is rolling out to all users to prevent account takeovers.<\/p>\n<p>Available in beta <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/google-chrome-adds-infostealer-protection-against-session-cookie-theft\/\" target=\"_blank\" rel=\"nofollow noopener\">since April<\/a>, DBSC was first <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-chrome-feature-aims-to-stop-hackers-from-using-stolen-cookies\/\" target=\"_blank\" rel=\"nofollow noopener\">announced in 2024<\/a> as a way to cryptographically bind session cookies to a specific device, preventing hackers from using such stolen cookies to bypass multi-factor authentication (MFA) and hijack users\u2019 accounts.<\/p>\n<p>DBSC works by cryptographically linking user sessions to the hardware, such as their computer\u2019s security chip (e.g., the Trusted Platform Module (TPM) on Windows and the Secure Enclave on macOS).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google says the Chrome Device Bound Session Credentials (DBSC) security feature is now generally available and is rolling out to all users to prevent account takeovers. Available in beta since April, DBSC was first announced in 2024 as a way to cryptographically bind session cookies to a specific device, preventing hackers from using such stolen [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1523,1492],"tags":[],"class_list":["post-238021","post","type-post","status-publish","format-standard","hentry","category-computing","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/238021","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=238021"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/238021\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=238021"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=238021"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=238021"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}