Posted 11 August 2006 - 07:19 AM
Please post back.
Posted 11 August 2006 - 08:23 AM
Posted 11 August 2006 - 08:28 AM
Funny thing is, i discovered my ISP's webmail site had the flaw of encrypting a username in a cookie... But no password so someone could just make a md5 username put it in the right cookie and be in as someone else... Bout 3 days after i figured that out their webmail site changed
How does your login script and you script that creates the cookie work?
Posted 11 August 2006 - 08:55 AM
Do you think this is secure enough?
Posted 11 August 2006 - 09:26 AM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users