The Daily Static
  The Daily Static
UF Archives
Register
UF Membership
Ad Free Site
Postcards
Community
Geekfinder
UFie Gear
Advertise on UF
Forum Rules
& FAQ

Username

Password


Create a New Account

  
 

Back to UserFriendly Strip Comments Index
secure web login by dennismv 2007-12-26 11:47:50
will this login and tracking be secure ?

* get user and pass from user via HTML form
* encrypt or hash password (call it Epass)
* track user's session by using session_cookies that have username and Epass in them. (Or is it only sufficient to store session_id only ? - can it be hijacked ? )
* if user returns later, and I want to use auto-login, do I store username and .. ? (last session ID ? Epass?)
[ Reply ]
  Code monkey think maybe manager wanna write by hadji2007-12-26 11:58:46
    AAAAAAAAAAAAAAAAAAAAAHHHHHHHH by dennismv2007-12-26 12:16:26
      It comes naturally most of the time by UGuardian2007-12-26 12:33:01
        I for one by dennismv2007-12-26 12:44:43
          Neither do I, and you're right (n/t) by UGuardian2007-12-26 12:46:27
  You probably know where the devil is ... by PeKaJe2007-12-26 12:18:03
    yeeeh-si by dennismv2007-12-26 12:29:10
      Yes, I did consider that by PeKaJe2007-12-26 12:37:20
      If you are Following PCI compliance anywhere by Classic_Jon2007-12-26 13:04:23
    ^ ^ ^ Abso-freakin-lutely. (n/t) by Twitchh2007-12-26 12:30:53
  If you are going to by Didactylos2007-12-26 12:28:35
    There are a few "secure remote password" protocols by bwkaz2007-12-26 13:29:31
  No. by CynicalRyan2007-12-26 13:44:39

 

[Todays Cartoon Discussion] [News Index]

Come get yer ARS (Account Registration System) Source Code here!
All images, characters, content and text are copyrighted and trademarks of J.D. Frazer except where other ownership applies. Don't do bad things, we have lawyers.
UserFriendly.Org and its operators are not liable for comments or content posted by its visitors, and will cheerfully assist the lawful authorities in hunting down script-kiddies, spammers and other net scum. And if you're really bad, we'll call your mom. (We're not kidding, we've done it before.)