Hi, I have used cookies to set remember me option while login.If cookies are set,I have used sessions to set the login.But it seems to be hackable.How can I use secure login with remember me option. Pls suggest me a good solution.
I understand that we have to encrypt the details and store it in cookies but I dont know how to reassign them when login.
No need to decrypt and compare both encrypted. Say you have value X Which when encrypted becomes djakshdakjs So now instead of converting djakshdakjs to X encrypt X and compare with djakshdakjs
I don't know how you said its hackable. Use sessions for logins and cookies just for remember me options. I don't think you want the user to get logged in directly rather you want his/her username/email to be displayed in the form if he chooses remember me options.
