Sessions and security/maintenance
View Single Post
05-07-2008, 05:59 AM
is cute and cuddly
Join Date: Mar 2008
Location: Vegas, Baby
I do use a few methods, there's an alternate session ID stored in the users table which it authenticates against, and I also attach a hash of the members user agent so if for some reason the user agent string changes halfway through the session it logs them out to help prevent against hijacking. Any suggestions for a fourth line of defense?
View Public Profile
Send a private message to delayedinsanity
Visit delayedinsanity's homepage!
Find More Posts by delayedinsanity