Archive of UserLand's first discussion group, started October 5, 1998.

Re: DG Cookie contains plaintext password

Author:Clay Hughes
Posted:4/17/1999; 5:35:35 PM
Topic:DG Cookie contains plaintext password
Msg #:5100 (In response to 5099)
Prev/Next:5099 / 5101

Well, the technical director from the school district asked me about this the first time he looked at his cookies in Internet Explorer. His concern was that students can view the cookies of other students in the event that a student doesn't log-off after using a computer in the computer lab. Encrypting the cookie, even if it was nothing more that using base64, would make it harder to remember than a cookie in just the plain text. Most of the people who use this discussion group could easily figure that one out, but for the non-technical users which constitute the majority in many real-world situations, some encoding of cookies would be nice. Or, there should be a easy way to toggle for using cookies or using http authentication with a modal dialog.

This page was archived on 6/13/2001; 4:49:24 PM.

© Copyright 1998-2001 UserLand Software, Inc.