Password in Session Variables? - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23) +--- Thread: Password in Session Variables? (/showthread.php?tid=27380) |
Password in Session Variables? - El Forum - 02-09-2010 [eluser]alexanderweiss[/eluser] For a new app I am developing I need to have access to the user password several times during a session (imap server). So either I have to ask for the password every time a page is loaded, or I would have to store the password in the session. Would this be safe/secure enough? Thank you! Password in Session Variables? - El Forum - 02-09-2010 [eluser]richthegeek[/eluser] there are easier ways - store a per-session hash in the session/cookie and in the database related to that users row. For example, create a hash like "sha1( time() . rand() )" and store that |40| hex in both then query for that. Password in Session Variables? - El Forum - 02-09-2010 [eluser]alexanderweiss[/eluser] [quote author="richthegeek" date="1265739300"]there are easier ways - store a per-session hash in the session/cookie and in the database related to that users row. For example, create a hash like "sha1( time() . rand() )" and store that |40| hex in both then query for that.[/quote] You mean I should put the password in a table, along with this hash? So I can retrieve the password when I query for the hash. |