in reply to Secure passwords
I'm not sure at all what you are asking, and what it has to do with Perl, but ...
...is it not also true that some browsers store passwords, not as a cookie, but within their own "password manager" or equivalent?
If so, just turn that password manager feature off, or just don't accept cookies, or switch email services. That's what I would do...
update: I just read your question again, and realized that you are asking how to do it....or are you asking what to do about it like I originally thought?
Re: Secure passwords
by kal (Hermit) on Apr 01, 2001 at 12:50 UTC
|
Most common way is to use basic auth - this is how browsers 'store' passwords. The server asks for authentication, the browser sends it, and keeps sending it in subsequent requests. Usually, this doesn't get saved anywhere unless you ask for it. Of course, the pages may be subject to cacheing though.
The encryption / non encryption thing is mostly about preventing people sniffing your traffic - not highly likely, unless you have reason to suspect otherwise - but the main worry is probably leaving stuff behind in cache. Basic auth is probably fine for most uses, esp. over SSL, but I suppose it depends how paranoid you are...
| [reply] |
|