(bbq) Re: Re: Login and Session Thoughts


Clear questions and runnable code get the best and fastest answer
	PerlMonks

(bbq) Re: Re: Login and Session Thoughts

by BBQ (Curate)

on Dec 04, 2000 at 22:16 UTC ( [id://44832]=note: print w/replies, xml )

Need Help??

in reply to Re: Login and Session Thoughts
in thread Login and Session Thoughts

I second Fastolfe's suggestion with one minor variation:

Instead of setting one cookie witht the username + password, what I usually do is set two cookies with different expires. Username expires whenever you want, and password exprires at the end of the browser session. Unless it were a low security requirement site (such as perlmonks, we aren't exactly the NSA here :)) I would never keep the full combination of usernames and passwords on the cookie at the client.

Its way too easy for someone to use the same computer later, inspect the cookies and use that information to impersonate the user. Just my US$0.02.

#!/home/bbq/bin/perl
# Trust no1!

Comment on (bbq) Re: Re: Login and Session Thoughts

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://44832]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others about the Monastery: (5)

As of 2024-04-19 10:19 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found