Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

RE: Answer: Security: Cookies vs HTTP authentication

by vaevictus (Pilgrim)
on Sep 02, 2000 at 01:24 UTC ( #30810=note: print w/replies, xml ) Need Help??


in reply to Answer: Security: Cookies vs HTTP authentication
in thread CGI programming

IMHO, Securing "by cookies" is not securing at all... if you have not done some sort of user/password or crypto key exchange, then I'd be really worried about doing anything with www.egroups.com.
It sounds like to me, that it would be pretty easy to obtain the data on egroups by inappropriate means. (Logging in as someone else.) I mean... the server can store data on your computer in those cookies... but all that says is "someone once connected here". Unencrypted cookies can be sniffed. Then they can be used *EASILY* by anyone with a 3rd grade hacking level.

Thanks for the heads up on egroups though... i'll prolly avoid them now. :)

  • Comment on RE: Answer: Security: Cookies vs HTTP authentication

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://30810]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (4)
As of 2020-10-20 12:18 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My favourite web site is:












    Results (210 votes). Check out past polls.

    Notices?