So basically I’m wondering how safe my way of using Session variables is.
I have a login form where the user types his username/password. It gets parametrized and then queried; if the username/password exists, a userID is returned from the db table. This is unique for every user.
When I have this value, this is where I’m wondering whether this is a safe way of storing the userID inside the session variable uID. Anyhow, this is how I do it:
Session["uID"] = (int)dt.DefaultView[0]["userID"];
FormsAuthentication.RedirectFromLoginPage(username.Text, false);
Response.Redirect("userPage.aspx", false);
Then the page is redirected to another page where I use the session variable to fetch the user’s tables from the db.
Thanks in advance for your feedback.
Session state is kept entirely server-side, no matter which storage method you use (in-memory, session state server or database).
So unless your server is hacked, Session variables are safe. And in case your server does get hacked, the hacker would only have access to the data in his own session, unless he finds a way to analyze the IIS process’ memory.
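The consuming side of the flow discussed above, as an added example that is not part of the original question or answer: a code-behind for userPage.aspx that reads Session["uID"] and uses it in a parametrized query. The class name, the connection string name "AppDb" and the userItems table with its columns are assumptions made for illustration. Session state and the forms-authentication ticket expire independently, so the page handles the case where the ticket is still valid but the session value is gone.

```csharp
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Web.Security;
using System.Web.UI;

// Hypothetical code-behind for userPage.aspx (added example, names are assumptions).
public partial class UserPage : Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        // The value lives in server-side session state; the browser only
        // holds the session ID cookie. It is null if the session expired or
        // the application restarted, even when the auth ticket is still valid.
        int? userId = Session["uID"] as int?;
        if (userId == null)
        {
            // Drop the stale ticket and force a fresh login instead of
            // running the query without a known user.
            FormsAuthentication.SignOut();
            FormsAuthentication.RedirectToLoginPage();
            return;
        }

        DataTable rows = LoadUserRows(userId.Value);
        // Bind 'rows' to a grid or repeater here.
    }

    private static DataTable LoadUserRows(int userId)
    {
        // "AppDb" is an assumed connection string name from web.config.
        string cs = ConfigurationManager.ConnectionStrings["AppDb"].ConnectionString;
        using (var conn = new SqlConnection(cs))
        using (var cmd = new SqlCommand(
            "SELECT itemID, title FROM userItems WHERE userID = @uid", conn))
        {
            // The ID comes only from the session, never from the query
            // string or a form field, and is still passed as a typed parameter.
            cmd.Parameters.Add("@uid", SqlDbType.Int).Value = userId;
            var table = new DataTable();
            using (var adapter = new SqlDataAdapter(cmd))
            {
                adapter.Fill(table); // Fill opens and closes the connection.
            }
            return table;
        }
    }
}
```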