Should I let my browser or the site remember my password, or neither?

11

1

What are the security implications of letting a web browser remember log-in information for me? Should I let a browser remember, like Firefox or Chrome, or should I let the site remember?

I'm sure the most secure option is to type my log-in details in every time, but if I choose not to do this and instead use the "Remember Me" features of a site or the "Save this password" features of a browser, which is the more secure approach?

Jeff Yates

Posted 2009-07-21T17:03:20.683

Reputation: 1 518

Answers

14

On my personal computers I will allow my web browser to remember my passwords, but that is because they are mine and nobody else will ever touch them (unless they break into my house and steal all my stuff, and then I have bigger things to worry about).

For public computers or work computers I would definitely choose neither, especially if you are working on a shared system.

TheTXI

Posted 2009-07-21T17:03:20.683

Reputation: 3 551

7

Since either way anybody with access to your computer could easily get into your accounts, neither of these options is very secure. I would guess that, because the "Remember me" feature uses cookies and usually expires, it would be slightly safer because your passwords are not (as far as I am aware) stored anywhere.

I prefer to use something such as Roboform or Lastpass, where the password is autofilled for me, but I can set it to ask for my master password the first time it logs in during a browsing session. That way I don't have to remember my passwords, but other people still can't access them.

Dan Walker

Posted 2009-07-21T17:03:20.683

Reputation: 8 869

You can have Firefox require a "Master Password". That's how I do it. – TJ L – 2009-07-21T18:49:03.677

6

With a browser remembered password you are open to at least two problems:

  1. Others using your browser and getting your access
  2. Malware picking up your password from the browser (limited to the browser vulnerabilities)

With a 'site remembered' password, you have a cookie placed in your browser by the site.
This is also unsafe (depending on the level of your paranoia):

  1. Same problem as before, anyone accessing the browser from your login has access
  2. Cookies can also be 'stolen' or misused

Always derive your paranoia based on the sensitivity of the password.
Your Gmail password (just) might be safer to lose than your bank password.

nik

Posted 2009-07-21T17:03:20.683

Reputation: 50 788

Your Gmail password is worse to lose than your bank password. Your Gmail password will allow many sites to have passwords reset for total account takeovers. Your bank generally won't even allow a person to log in with a password alone and uses multi-factor auth, even if it's a stupid 'security question' – Chris Marisic – 2016-01-19T22:03:36.387

sensitivity between gmail and bank: this depends on how many sites use your gmail address to log in, and to reset the password, and your bank balance – Roland – 2019-01-13T11:48:24.287

1

Passwordsafe not only securely remembers your passwords, but has the ability to type them into your browser for you.

pgs

Posted 2009-07-21T17:03:20.683

Reputation: 3 153

1

I tend to have my passwords remembered by no one. Not primarily for security reasons, though, but more so because I know I will forget the password if I don't have to type it in regularly (and I might need it on some other computer somewhere).

balpha

Posted 2009-07-21T17:03:20.683

Reputation: 1 202

Then you probably use weak passwords, and do not use unique passwords for each account. Motto: pick a password that no one can guess and you can't remember :-) – Roland – 2019-01-13T11:55:13.063

@Roland I have always used unique passwords. But these days, they're generated by a password manager and indeed I don't remember them. You have commented on a ten-year-old answer :) – balpha – 2019-01-13T12:02:55.617

Yes, a password manager is THE solution, like other answers mentioned. But my comment was on 'forget' and 'type it in'. – Roland – 2019-01-13T12:19:01.447

0

Personally, I think they are both as 'bad' as each other.

"Remember me" is slightly better because it isn't actually storing your password (or a representation of your password), but it is a token that represents you and, if the cookie is stolen, a malicious user could use that to log in as you without knowing your password.

Josh Hunt

Posted 2009-07-21T17:03:20.683

Reputation: 20 095
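Added example (not part of the original answers): a sketch of the kind of token scheme described above for "Remember me", where the cookie carries a random token instead of the password, expires, and can be revoked server-side. The class, the cookie name `remember_me` and the lifetime are assumptions for illustration, not any particular site's implementation.

```python
import hashlib, hmac, secrets, time

class RememberMeStore:
    """Server-side state for 'remember me' cookies (hypothetical design)."""

    def __init__(self, lifetime_seconds=14 * 24 * 3600):
        self.lifetime = lifetime_seconds
        self._rows = {}  # selector -> (user, sha256(validator), expires_at)

    def issue(self, user, now=None):
        now = time.time() if now is None else now
        selector = secrets.token_urlsafe(9)    # lookup key, not secret
        validator = secrets.token_urlsafe(32)  # secret half, only hashed on the server
        digest = hashlib.sha256(validator.encode()).hexdigest()
        self._rows[selector] = (user, digest, now + self.lifetime)
        return f"{selector}.{validator}"       # cookie value; contains no password

    def verify(self, cookie_value, now=None):
        now = time.time() if now is None else now
        selector, sep, validator = cookie_value.partition(".")
        row = self._rows.get(selector)
        if not sep or row is None:
            return None
        user, digest, expires_at = row
        presented = hashlib.sha256(validator.encode()).hexdigest()
        if now >= expires_at or not hmac.compare_digest(presented, digest):
            self._rows.pop(selector, None)     # expired or mismatched: drop the row
            return None
        return user  # whoever holds the cookie is treated as this user

    def revoke_user(self, user):
        """Invalidate every remembered session for user ('log out everywhere')."""
        for sel in [s for s, r in self._rows.items() if r[0] == user]:
            del self._rows[sel]

def set_cookie_header(value, max_age):
    # Secure: sent over HTTPS only; HttpOnly: not readable by page scripts.
    return (f"Set-Cookie: remember_me={value}; Max-Age={max_age}; "
            "Path=/; Secure; HttpOnly; SameSite=Lax")
```

A copied cookie value verifies exactly like the original until it expires or `revoke_user` is called, which is the trade-off the answer describes: the password itself is never exposed, but the token is a bearer credential.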

0

In general terms the former is better.

The "remember me" approach in the sites usually leaves a cookie in your browser.

The "remember my password" in the browser stores it in an internal database.

If you are using an application intensively I would use the browser approach.

If you don't use an application intensively and extra security is needed (like your bank account), use neither and always type it (and make sure you use a hard password instead of a common one).

I like Google Chrome, which always remembers your user id, but not the password. That way I have to type less.

Plus, who knows when your wife is going to try to log on in that "friend" site ;)

OscarRyz

Posted 2009-07-21T17:03:20.683

Reputation: 3 691

0

I feel it even depends on what's more secure: your computer or your connection. If the site is to remember you, then a cookie is set, which is sent back for each request. When having your password remembered (and when typing it yourself) then it's only transmitted while you're logging in...

(Sites that actually temporarily use HTTPS or some hashing to send your password, should not allow for "remember me" to start with, I think.)

But, like many suggested: differences are minor. And if you use the same password on many sites, then you probably care less about the cookie than about the actual password.

> I'm sure the most secure option is to type my log-in details in every time

Unless you've got some key logger running. ;-)

Arjan

Posted 2009-07-21T17:03:20.683

Reputation: 29 084

0

I'd recommend using something like LastPass. There's also a good discussion about password management here: https://superuser.com/questions/255/how-do-you-keep-track-of-all-your-passwords

Mun

Posted 2009-07-21T17:03:20.683

Reputation: 635

The question was removed from Super User for reasons of moderation. – Marcel – 2013-12-12T07:01:13.863

0

If you use Firefox, make sure to set up a master password for your browser and then it will encrypt all of your passwords. Whether or not this is easily breakable encryption I'm not sure. All encryption can be broken with big enough rainbow tables though.

Chris Marisic

Posted 2009-07-21T17:03:20.683

Reputation: 1 123

Luckily, security programming doesn't have high blood pressure and can always use more SALT. Security programmERs, on the other hand, may need to remember to keep the salt in the code and not in their food. – pcapademic – 2009-07-21T20:07:44.843

0

Neither one is really more secure than the other, so I personally just use the "Remember Me" feature of websites for convenience. I've found all the "password managers" and "master password" add-ons to be more of a hassle, and they aren't really that secure anyway. If someone really wanted your passwords, they'd get them. But that has never been a problem for me so I don't have any reason to be worried.

Sasha Chedygov

Posted 2009-07-21T17:03:20.683

Reputation: 6 616