Posted by Richard Lynch on 10/05/30 11:13

On Tue, April 12, 2005 8:03 pm, trlists@clayst.com said:
> On 11 Apr 2005 Chris Shiflett wrote:
>
>> > > DO NOT STORE PASSWORDS ON USERS COMPUTER
>> >
>> > A couple of people have stated this but I think it is incorrect.
>>
>> Please refrain from such speculation, because it does nothing to improve
>> the state of security within our community. This idea of storing
>> passwords in cookies is absurd.
>
> Hmmm, sorry, it wasn't speculation but an opinion in response to what I
> thought had moved from a practical into a theoretical discussion. I
> agree, storing even an encrypted password in a cookie is a poor idea in
> most situations. But to me development is about selecting the right
> tool and using it the right way for the job at hand, and as a matter of
> principle I'm not convinced that a password stored in some form in a
> cookie can never, ever be the right tool for any job -- even if it's
> the wrong tool for many or most.

Some absolutes are absolute.

That's why we call them absolutes.

This is one of them.

If you can think of a single real-life counter-example, feel free to post
it, and shock the world.

--
Like Music?
http://l-i-e.com/artists.htm

[Back to original message]