password pertected pages

Results 1 to 2 of 2

Thread: password pertected pages

  1. #1
    Join Date
    Dec 1969

    Default password pertected pages

    I am making a password pertection script. It is only having one account without a DB. Would cookies or session be better to keep someone temporally logged in? Ignoring keeping a person logged in, which would be better in general to use for a password pertection script?<BR><BR>thanks,<BR>Bryan

  2. #2
    Join Date
    Dec 1969

    Default Cookies are stored in the browser... that means that all somebody has to do is look at what&#039;s been stored and use that same thing again sometime/someplace else.<BR><BR>In other words, cookies are NOT at all secure.<BR><BR>Mind you, Session variables aren&#039;t perfect (because they still depend on the session ID being sent to the browser, but at least its encrypted and only valid while that session is active), but they&#039;re (a) easier and (b) more secure.<BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts