This is a 2 part question
Question 1a): When I go to my stock broker site, I see that I am never allowed to save the password on my browser. It only saves my account ID and I have to enter my password. Is it the broker's website that doenst allow my browser to save the password or is it just a setting on my browser.
Question 2a): I visit a particular Https site and see that my session is always logged in as long as I don't close my browser or explicitly log off. I could pull the network cable out of my computer for an hour and then plug it back in and pick up on the site exactly where i left off. am i correct to assume that the site sent me a session cookie that was stored in my browser which had the setting to never expire?