Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris

Re: Crypt::CBC and verifying passwords

by Ryszard (Priest)
on May 19, 2004 at 18:02 UTC ( #354702=note: print w/replies, xml ) Need Help??

in reply to Crypt::CBC and verifying passwords

You really should know that storing passwords client side in a cookie is a bad idea. Encrypt and compare baby, all the way, SERVER side.

Replies are listed 'Best First'.
Re: Re: Crypt::CBC and verifying passwords
by geektron (Curate) on May 19, 2004 at 18:05 UTC
    i'm aware that (unencrypted) almost anything in a cookie is a Bad Idea ™, but without rearchitecting this whole application, i'm stuck with encrypted cookies.

    encrypted in cookie, decrypted and compared server side.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://354702]
[LanX]: interesting the author doesn't seem to accept javascript as a scripting language
[LanX]: ... and calls php7 the winner oO
[RonW]: RPerl is only a curiosity to me. I can see where some one who primarily codes in Perl might find RPerl useful, but to me, given the choice between RPerl's restrictions and C, I'd choose C

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (7)
As of 2017-05-22 20:40 GMT
Find Nodes?
    Voting Booth?