I’m working on a log in system for an application, and I’m not sure

Question

0

Asked: May 30, 20262026-05-30T12:44:35+00:00 2026-05-30T12:44:35+00:00

I’m working on a log in system for an application, and I’m not sure

0

I’m working on a log in system for an application, and I’m not sure what information I should store. Currently, I only store user’s ID into a session variable, and if that variable is set, it will load the user from the database with all of the required information. But, I also want to have a ‘remember me’ option, for which I would require cookies, and I’m not sure what to store in them. If were only to store the user id, that would be risky, since someone could just change the id and be a different user. My idea currently is to do this:

$array = array($user['username'], $user['pass']);
            serialize(base64_encode($array));

So if the cookie was set, I would unserialize it, and find the user with the password and username (the password itself is hashed in MD5).
But, I assume this isn’t very secure. What should I store into the cookie to make it secure, and is there any other way?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-30T12:44:36+00:00

Editorial Team

2026-05-30T12:44:36+00:00Added an answer on May 30, 2026 at 12:44 pm

Instead of putting the password in the cookie, you can create a hash from it and save that instead. You would also save the hash in the database so when comparing cookies, the username and hash have to match which avoids exposing the password.

You can create a simple hash with MD5.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m working on a log in system for an application, and I’m not sure

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply