Reply to Re: [PHP] Storing password in cookie

Your name:

Reply:


Posted by trlists on 04/09/05 14:29

On 9 Apr 2005 Andy Pieters wrote:

> It doesn't matter how you encrypt it.
>
> DO NOT STORE PASSWORDS ON USERS COMPUTER
>
> I hope that's clear enough.

A couple of people have stated this but I think it is incorrect. For
one thing the users themselves are very likely to store the password
there, so why shouldn't you -- with permission of course?

Many sites will do this with a "remember my password and log me in
automatically" feature. Web-based discussion boards, for example, do
this routinely and the only security risk is that someone who got
access to your computer might get access to your account on the board.
As long as the discussion topics are not sensitive I suspect most
people using private computers would judge this to be an acceptable
risk. On the other hand I would never do it (or allow a site to do it)
for a site where my email account could be accessed, or money could be
charged. But others might feel their computer is secure enough that
they are willing to take even those risks.

Like many such questions, to me this is not something that should be
subject to absolutes but to considered judgment, some on the part of
the developer and some on the part of the user.

--
Tom

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация