CSRF token error messages

If you're seeing a CSRF error message when logging into your AnyHow account, don’t panic. You can find some simple solutions below:

Invalid or missing CSRF token

This error message means that your browser couldn’t create a secure cookie, or couldn’t access that cookie to authorize your login. This can be caused by ad- or script-blocking plugins, but also by the browser itself if it's not allowed to set cookies.

To address this issue, follow these steps.


  • Open Chrome Settings.
  • Scroll to the bottom and click on Advanced.
  • In the Privacy and security section, click on Content Settings.
  • Click on Cookies.
  • Next to Allow, click Add.
    • Copy and paste "[*.]anyhowhq.com" and click Add.
  • Under All cookies and site data, search for anyhowhq, and delete all AnyHowhq-related entries.
  • Reload Chrome and log into AnyHow.


  • Open the Firefox Options menu.
  • On the left, select Privacy & Security.
  • Under Cookies and Site Data click on Manage Permissions.
    • Copy and paste "https://anyhowhq.com" and click Allow.
  • Click Save Changes.
  • Next, click on Manage Data.
  • Search for "anyhowhq" and select Remove All Shown.
  • Click Save Changes and confirm in the pop-up window by clicking Remove.
  • Reload Firefox and log into AnyHow.


  • Open Safari Preferences from the drop-down menu in the navigation bar or by typing Cmd + , (⌘,).
  • Click the Privacy tab and make sure that "Cookies and website data" is set to either "Always allow" or "Allow from websites I visit".
  • Click on Manage Website Data to see all locally stored website data.
  • Search for “anyhowhq” and remove all AnyHowhq-related entries.
  • Reload Safari and log into AnyHow.

CSRF tokens mismatch

This error message is caused by privacy extensions. If you are running any privacy extensions such as Ghostery or Privacy Badger, make sure to add anyhowhq.com as a trusted website.