My website has no user registration (members are pulled through from an offline db)

Question

0

Asked: May 23, 20262026-05-23T06:15:28+00:00 2026-05-23T06:15:28+00:00

My website has no user registration (members are pulled through from an offline db)

0

My website has no user registration (members are pulled through from an offline db) and the area that you can login to doesn’t hold very sensitive information.

So I want a basic login with a remember me function.

• After checking input against the DB, I plan to store their user_id, name, email in a session.

• For the remember me, I’d store a cookie with value = user_id:randomcode. The random code is generated at login and stored in a field on their user record.

Is this secure enough? or how could it be improved without getting too complex.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-23T06:15:29+00:00

Editorial Team

2026-05-23T06:15:29+00:00Added an answer on May 23, 2026 at 6:15 am

You should use the user_id:randomcode only once and generate a new one when the old is used. Read Persistent Login Cookie Best Practice.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

My website has no user registration (members are pulled through from an offline db)

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply