10-28-2011, 09:22 PM | #1 |
Registered User
Join Date: Jul 2011
Posts: 177
|
Putting password in the cookie?
I've been starting to learn how to use cookies, and the example script I've been using checks the username and password against the database, but only set the username in the cookie. Couldn't somebody just go in and change the cookie to anybodies' username? Or am I wrong on that? So would the solution be to add their password into the cookie too? Or does that have risks I havent noticed?
I'm not looking for hacker-proof just yet, I don't want it to be as easy as just changing the username in the cookie.
__________________
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. |
02-05-2012, 11:35 PM | #2 |
Moderator
Join Date: Sep 2011
Location: INDIA
Posts: 250
|
i dont see any risk till now as per my knowledge as after user closes browser ,cookies will be u set by some code also you may see several websites at your end also that use to save passwords thats because of cookies they store on your computer
__________________
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. | To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts. |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
|
|