Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Secure remember me function?
Secure remember me function?
  • El Forum
    Guest
  •  
#1
11-02-2008, 05:59 AM

[eluser]Adam Griffiths[/eluser]
I am in the middle of developing an authentication library. I have had the login feature for some time now but now I am adding in a remember me function.

I use the term function as loosely as possible, it's not a function just a few extra lines of code. Anyway, it sets a cookie with a hash of the users username. I was thinking of checking for this cookie in the "logged_in" function, and then setting session variables. But then I realised it was open to many security holes.

I need to get around the question "What happens if a script kiddie starts stealing cookies?" They could have access to the whole system.

Any ideas on methods to securely keep people logged in for multiple sessions?

Thanks.


Messages In This Thread
Secure remember me function? - by El Forum - 11-02-2008, 05:59 AM
Secure remember me function? - by El Forum - 11-03-2008, 12:16 PM
Secure remember me function? - by El Forum - 11-03-2008, 12:23 PM
Secure remember me function? - by El Forum - 11-03-2008, 12:59 PM
Secure remember me function? - by El Forum - 11-03-2008, 01:04 PM
Secure remember me function? - by El Forum - 11-03-2008, 01:22 PM
Secure remember me function? - by El Forum - 11-03-2008, 01:28 PM
Secure remember me function? - by El Forum - 01-10-2009, 07:10 PM



Theme © iAndrew 2016 - Forum software by © MyBB