My web application's home page has a RememberMe checkbox. If the user checks it, I will store email-id and password in cookies. This is my code:
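if (this.ChkRememberme != null && this.ChkRememberme.Checked == true)
{
    // Cookie name is the user name, cookie value is the plain-text password.
    HttpCookie cookie = new HttpCookie(TxtUserName.Text, TxtPassword.Text);
    // DateTime is immutable, so the result of AddYears must be assigned.
    cookie.Expires = DateTime.Now.AddYears(1);
    Response.Cookies.Add(cookie);
}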
What I want to know is:
They never store your password, encrypted or not, in a cookie.
Your passwords are stored in the Password Manager. Your login status is stored in special cookies. The cache is where the browser stores temporary website information.
Since the data in cookies doesn't change, cookies themselves aren't harmful. They can't infect computers with viruses or other malware. However, some cyberattacks can hijack cookies and enable access to your browsing sessions. The danger lies in their ability to track individuals' browsing histories.
Anything that should remain secure shouldn't be stored. That includes passwords, credit card numbers, social security numbers, etc.
It's NOT secure to store passwords in cookies because they are available as plain text.
A good place to find some answers about cookies is Cookie Central. For membership, a cookie with a long string called a 'token' is usually used; it is issued by the website when you provide your user name and password. You can find more about the process in this article. When using forms authentication in ASP.NET you can set the authentication cookie like this:
FormsAuthentication.SetAuthCookie(userName, isPersistanceCookie);
The second parameter is used for "Remember Me" functionality: if true, it will create persistent cookies that will last after you leave the site. You can also programmatically manipulate the cookie like this:
HttpCookie authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
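The token approach described in the answer above, as an added example that is not part of the original question or answers: a random single-use token goes in the cookie and only its hash is kept on the server, so the password never leaves the login request. The class name RememberMe, the cookie name rm_token, the 30-day lifetime and the in-memory dictionary standing in for a database table are assumptions.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Text;
using System.Web;

// Added example: hypothetical helper, not code from the question or the answers.
public static class RememberMe
{
    const string CookieName = "rm_token"; // assumed cookie name
    // Stand-in for a database table: SHA-256(token) -> (user name, expiry).
    static readonly ConcurrentDictionary<string, Tuple<string, DateTime>> Store =
        new ConcurrentDictionary<string, Tuple<string, DateTime>>();

    static string Hex(byte[] data) { return BitConverter.ToString(data).Replace("-", ""); }

    static string Hash(string token)
    {
        using (var sha = SHA256.Create())
            return Hex(sha.ComputeHash(Encoding.UTF8.GetBytes(token)));
    }

    // Call only after the password has been verified against the user store.
    public static void Issue(HttpResponse response, string userName)
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes);
        string token = Hex(bytes); // 256 random bits, hex so the cookie value needs no escaping
        DateTime expires = DateTime.UtcNow.AddDays(30);
        Store[Hash(token)] = Tuple.Create(userName, expires); // server keeps the hash only
        var cookie = new HttpCookie(CookieName, token);
        cookie.HttpOnly = true;  // not readable from page script
        cookie.Secure = true;    // sent over HTTPS only
        cookie.Expires = expires;
        response.Cookies.Add(cookie);
    }

    // Returns the user name for a valid, unexpired token, or null.
    public static string Redeem(HttpRequest request, HttpResponse response)
    {
        HttpCookie cookie = request.Cookies[CookieName];
        if (cookie == null || string.IsNullOrEmpty(cookie.Value)) return null;
        Tuple<string, DateTime> entry;
        // TryRemove makes the token single-use and also clears expired entries.
        if (!Store.TryRemove(Hash(cookie.Value), out entry)) return null;
        if (entry.Item2 < DateTime.UtcNow) return null;
        Issue(response, entry.Item1); // replace the redeemed token with a fresh one
        return entry.Item1;
    }
}
```

On a request that carries no valid authentication ticket, call Redeem and, if it returns a user name, pass it to FormsAuthentication.SetAuthCookie with the persistence flag set to false.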