Jump to content

Recommended Posts

passwords are automatically encrypted if you use the password type.

 

Lol, No they're not...  I hope this isn't how you set up any of your systems...

 

The characters are replaced with dots when you type, but that's not considered encrypted...

Link to comment
https://forums.phpfreaks.com/topic/146640-remember-me/#findComment-770548
Share on other sites

Why did a college professor lie to me about it then?  Why wouldn't password automatically encrypt the data when sending it?

 

Lol, I highly doubt the professor was lying to you...  You probably weren't paying attention or didn't understand what the professor was talking about so you just made an assumption.

Link to comment
https://forums.phpfreaks.com/topic/146640-remember-me/#findComment-770973
Share on other sites

Agreed. This is not a lie, just he was just a substance of a bad book and never bothered to update himself on new security tactics. I used to do that too for my sites, now I know how sessions work and I store a hash for "loggedin" in a cookie if remember me is checked and this is stored in the DB for that user. If his time expired or that session was changed it is trashed. If he comes back on validly then I regenerate a new hash at that time and update the cookie.

 

But as stated, he did not lie. He is just mis-informed.

Link to comment
https://forums.phpfreaks.com/topic/146640-remember-me/#findComment-771016
Share on other sites

passwords are automatically encrypted if you use the password type.

 

I also agree with everyone that the password isn't auto encrypted for these reasons:

 

A. The server wouldn't be able to decrypt it and read: if($_POST['pass'] == 'xxx')

B. SSL would be useless.

C. There wouldn't be password encryption tutorials on the internet.

Link to comment
https://forums.phpfreaks.com/topic/146640-remember-me/#findComment-771334
Share on other sites

As I was implementing this, I ran across this problem...

 

Since I am regenerating a new Cookie value every time auto login only works on one computer.

 

So, lets say I tell the site to remember my login, it logs in every time fine. Now lets say I go to a new computer and I want that computer to also "Remember Me", now that computer will remember me, but the other one will not.

 

Any suggestions for this problem?

Link to comment
https://forums.phpfreaks.com/topic/146640-remember-me/#findComment-771655
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.