Possible Duplicate: PHP storing password in cookie In a login system, if a user

Question

0

Asked: May 20, 20262026-05-20T12:33:20+00:00 2026-05-20T12:33:20+00:00

Possible Duplicate: PHP storing password in cookie In a login system, if a user

0

Possible Duplicate:
PHP storing password in cookie

In a login system, if a user want to stay logged in, then the password needs to be stored in the browser cookie. I have been gone through many previous questions on SO, and found out that its not any secure to store the password in the browser cookie. I wonder if I do sth like

$string = 'snfcikkfbnvekrew';
    $salt = md5($passwrod.$string); 
    $password = md5(sha1(md5("$salt$string$salt")));  //or some other random sequence of encryption functions

I’m just curious to learn what kind of attacks can be performed if someone accesses the cookie?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-20T12:33:20+00:00

Editorial Team

2026-05-20T12:33:20+00:00Added an answer on May 20, 2026 at 12:33 pm

Why do you need to store the password in the cookie? Why not some other user identifier, such as an internal user ID or some temporary value of some kind?

“Store” and “password” are two words that should very rarely be used together, and when they are that use should be scrutinized carefully.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Possible Duplicate: PHP storing password in cookie In a login system, if a user

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply