http://qs321.pair.com?node_id=99447


in reply to Re: User authentication
in thread User authentication

Interesting. That's very similar to what I did for a recent small web site. The only real difference is that instead of using a cookie, the hash is kept in a hidden input field on each screen. This works as long as the screen-to-screen transitions are form based (rather than links), and has the advantage that it doesn't rely on user/browser acceptance of cookies.