+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Password in Session Variables? (/showthread.php?tid=27380)
Password in Session Variables? - El Forum - 02-09-2010
[eluser]alexanderweiss[/eluser]
For a new app I am developing I need to have access to the user password several times during a session (imap server). So either I have to ask for the password every time a page is loaded, or I would have to store the password in the session.
Would this be safe/secure enough?
Thank you!
Password in Session Variables? - El Forum - 02-09-2010
[eluser]richthegeek[/eluser]
there are easier ways - store a per-session hash in the session/cookie and in the database related to that users row.
For example, create a hash like "sha1( time() . rand() )" and store that |40| hex in both then query for that.
Password in Session Variables? - El Forum - 02-09-2010
[eluser]alexanderweiss[/eluser]
[quote author="richthegeek" date="1265739300"]there are easier ways - store a per-session hash in the session/cookie and in the database related to that users row.
For example, create a hash like "sha1( time() . rand() )" and store that |40| hex in both then query for that.[/quote]
You mean I should put the password in a table, along with this hash? So I can retrieve the password when I query for the hash.