[ic] Login Cookie
tech at khouse.org
Mon Dec 6 19:36:37 EST 2004
A customer complained about setting the username and password in a cookie
for "auto-login." A look at this page:
Shows this is what happens. Is there a good reason security-wise to use an
md5 hash table or some other form of unique identification for auto-login,
rather than username/password in a cookie?
Anyone else have concerns about this?
More information about the interchange-users