remember me option in login

rekha's Avatar
Contributor
Hi,

I have used cookies to set remember me option while login.If cookies are set,I have used sessions to set the login.But it seems to be hackable.How can I use secure login with remember me option.

Pls suggest me a good solution.
0
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
Encrypt your value stored in the cookies
0
rekha's Avatar
Contributor
Then how to implement the username and store it in sessions for login.

Thanks.
0
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
Encrypted.
0
rekha's Avatar
Contributor
I understand that we have to encrypt the details and store it in cookies but I dont know how to reassign them when login.
0
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
Quote:
Originally Posted by rekha View Post
I understand that we have to encrypt the details and store it in cookies but I dont know how to reassign them when login.
No need to decrypt and compare both encrypted.

Say you have value X Which when encrypted becomes djakshdakjs

So now instead of converting djakshdakjs to X encrypt X and compare with djakshdakjs
0
learn3r's Avatar, Join Date: Dec 2009
Light Poster
I don't know how you said its hackable. Use sessions for logins and cookies just for remember me options. I don't think you want the user to get logged in directly rather you want his/her username/email to be displayed in the form if he chooses remember me options.