For about a year now or ever since Wordle took off, my wife and I have enjoyed playing this game daily and swapping results with each other and the kids.
Something broke about a week ago. I went to play (on my phone as always) and someone had already played. It was my wife’s game on my phone.
She uses my Apple ID on her phone so she can share our photo library. I know, it’s a mess. But this never gave Wordle any issues. Til now. And now all my game stats are gone.
I confirmed that Safari was unchecked under iCloud. And so is hers. So why is this still syncing between devices?
It’s probably this. A week ago the Times added the ability to link your stats to your NYTimes account, and if your wife decided to do this, now the stats are updated when you connect.
Change your NYTimes account just for Wordle to a free Times account (you can do this without affecting Safari by hitting share on the site and having it create a Home Screen icon. Home Screen icon sites don’t share cookies with Safari - they’re sandboxed.)
Every 2-3 days my “Streak” number gets reset, while all other counts remain unchanged. I have an associated NYT account, and have never “cleared” any Safari data. This part is definitely an Apple problem.
No, never use a private window. I do have many tabs open, and I suspect Safari is clearing something without telling the user. Since “streak” is the only thing zeroed, I assume cookies at least are being saved.
To reply, I apparently do have an nytimes.com account, but I haven’t used it in years. I started Wordle long before nytimes.com bought it and never changed my behavior as a result, including not logging in. And it has worked just fine for months since that transition.
“A week ago the Times added the ability to link your stats to your NYTimes account”
This seems suspicious, but my wife says she doesn’t recall doing anything like this. But even if she had done something like that on her phone, I know I didn’t do anything like that on my phone. So if the issue isn’t some shenanigans with Apple/iCloud scrogging my Safari cookies with her data, then I don’t see how nytimes.com has any idea that my wife and I are “the same person”… unless they did something nasty like track us by Public IP, which would be the same from our home; but I think that’s unlikely.
So, I deleted my cache of data in Safari for that web site, and it reset everything, predictably.
There are plenty of other ways for a website to tell the difference between your device and your wife’s, not just by checking a cookie. But since you’re not now paying for any service that the NYT might not want to be shared, there’s no direct reason for them to want to make use of the fact that you may both be logged in to the same account.
Dana is correct, and it’s actually very easy to accidentally delete a cookie. Once the cookie is gone, all the information it contained will be gone forever. My guess is that it’s better for all parties involved for the information to be stored locally. It ensures better security and privacy for users, and it enables Wordle users to easily play across devices and systems, and it saves the NYTimes lots of money and aggravation.
Can you provide more info? I’m not an expert but I’ve been developing web apps for 25 years and cookies are the universal method for maintaining session state, that I know of…
Mind blown. I think I’d heard about some of this, but just hadn’t been paying attention. I expect some of the claims of these vendors are exaggerated, but still, the amount of information you can get by just doing a simple ip address query is startling. Things have come a long way in 20 years! (And now I see why Apple has added the “Limit IP Address Tracking” option in Mail and Safari.)
Thanks for your notes, but we’re talking about two completely different things.
You’re talking about third party cookies, and perhaps other mechanisms to track people online. That is completely different than first party cookies, which have always been, and still are, the method of maintaining state in web apps.
In this case, nytimes.com wants to give me a (first party) cookie to allow me to keep track of my game stats; and of course, I want that, too. And no other website domain has access to that cookie, so there is no tracking or privacy discussion to be had here.
And more directly to my point, the cookie is stored in my browser. So even another browser used by “me” will not know about my stats. So how did my wife?
I’m becoming more convinced that Apple synced our cookies, blowing one of ours away in the process, even though I had Safari disabled in iCloud. Not happy.
This seems strange, only because I’ve never experienced this and I do have Safari syncing on. Maybe it only syncs cookies between Safari on the same class of device (eg iPhone-iPhone or Mac-Mac)?
I haven’t done a deep dive into what Safari syncs via iCloud. But I think you should at least see your open tabs sync. I know History syncs. Cookies and other local cache data? Not sure.
It doesn’t sync the actual tabs. Each device will have a different set of open tabs, but you can view a list of tabs that are open on your other devices. From the list you can open a tab on your current device or remotely close it.
Cookies are a handy way of attaching identification and state information to every HTTP request you make to a site. Wordle was originally built to run entirely locally so it didn’t need to regularly contact the server (the dictionary and all the answers for every day were downloaded on the first visit, though those were probably in cached files since they could be read-only). Instead of cookies, localStorage is a better choice for reading and writing state information that needs to persist between sessions. There’s also IndexedDB.
Given the timing, I think the most likely cause is both devices were active with the same nytimes.com account, which automatically uploaded the state from one then delivered the state down to the other. You started playing before NY Times bought Wordle but they successfully migrated (almost) everyone from playing on the original domain to nytimes.com. It wasn’t necessary for you to actively choose to login with an nytimes.com account, your browser just needed a cookie stored that identified you.
It’s your second paragraph where I’m either having trouble following or you appear to be stating inconsistencies… Since neither of us uses nytimes.com accounts, then:
makes sense, and that’s what I think was going on. But before that you said:
Again, if there was no login, as your other comment appears to concede to, then the cookie (or local cache) is the only way either the local app or the nytimes.com server could tell who the user was. Which takes us back to the question of how both devices ended up with the same cookie / local cache?