stackoom
  简体   繁体   中英

Writing Remember Me for login

 原文  2012-08-07 20:51:56       php/ login/ remember-me

Question

I'm going to write a login page, and I've been reading Charlie Miller's article on Remember Me for logins. Also read the OWASP cheat sheet. I was thinking, instead of a persistent database entry for the random number, could you not just store the random number in the $_SESSION array? Then check the user cookie, if it matches, then regenerate numbers and set in session cookie and user cookie?

1 answers

solution1
 1 ACCPTED  2012-08-07 21:18:11

The point is, usually you don't have a valid session for the user when he has to login again. Sessions don't get stored infinitely.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Login programmatically + remember me php login script - remember me MTA & HTML Login & Remember Me Symfony force login and remember me codeigniter remember me for login by session Symfony remember me login datetime needed Login 'Remember me' Cookie - Best security practices Weird ajax remember me login bug how to do "remember me" login option in laravel? remember me checkbox in login using cookie in codeignitor
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM