
cookie security problem

5/19/2011 1:42:28 PM
PHPRunner General questions
tedwilder author

.

Sergey Kornilov admin 5/19/2011

Retrieving a cookie that belongs to another website is not that easy. However, all cookies are potentially vulnerable even if you use some kind of additional security to protect them. Besides that, IP addresses may change and the browser doesn't have access to the user's MAC address.
Here is what you can do:

  1. Remove the 'Remember password' option. After all, most browsers allow you to save passwords.
  2. Protect the most important areas of your application by having the user re-enter the password. This is what Amazon does.

    More info: http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice/
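As an added illustration of the two points above (this is example code written for this page, not PHPRunner's own code and not code from the linked article): a persistent login that keeps the password out of the cookie entirely, and a check that forces a fresh password entry before sensitive pages. The cookie holds a random selector and a random validator; only a SHA-256 hash of the validator is stored, so a leaked database table does not yield usable cookies, and each token is accepted once and then replaced. The table `persistent_logins(selector, validator_hash, user_id, expires)`, the cookie name `remember` and the session key `password_verified_at` are assumed names for the example. Requires PHP 7.3 or later for the array form of `setcookie()`.

```php
<?php
// Example code for this page (not PHPRunner code). Assumes a PDO connection
// and an assumed table:
//   persistent_logins(selector VARCHAR(24) PRIMARY KEY, validator_hash CHAR(64),
//                     user_id INT, expires INT)

const REMEMBER_COOKIE = 'remember';   // assumed cookie name
const REMEMBER_DAYS   = 30;

// Issue a new remember-me cookie. The password is never involved.
function issue_remember_cookie(PDO $db, int $userId): void {
    $selector  = bin2hex(random_bytes(12));   // lookup key, public
    $validator = bin2hex(random_bytes(32));   // secret, stored only as a hash
    $expires   = time() + REMEMBER_DAYS * 86400;

    $stmt = $db->prepare(
        'INSERT INTO persistent_logins (selector, validator_hash, user_id, expires)
         VALUES (?, ?, ?, ?)');
    $stmt->execute([$selector, hash('sha256', $validator), $userId, $expires]);

    setcookie(REMEMBER_COOKIE, $selector . ':' . $validator, [
        'expires'  => $expires,
        'path'     => '/',
        'secure'   => true,   // sent over HTTPS only
        'httponly' => true,   // not readable from JavaScript
        'samesite' => 'Lax',
    ]);
}

// Validate the cookie. Returns the user id, or null if it is absent, expired,
// or does not match. A matching token is consumed and a fresh one issued, so
// a copied cookie can be replayed at most once.
function check_remember_cookie(PDO $db): ?int {
    if (!isset($_COOKIE[REMEMBER_COOKIE])) {
        return null;
    }
    $parts = explode(':', $_COOKIE[REMEMBER_COOKIE], 2);
    if (count($parts) !== 2) {
        return null;
    }
    [$selector, $validator] = $parts;

    $stmt = $db->prepare(
        'SELECT validator_hash, user_id, expires FROM persistent_logins WHERE selector = ?');
    $stmt->execute([$selector]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$row || (int)$row['expires'] < time()) {
        return null;
    }

    // Always delete the presented token: it is single-use whether or not it matches.
    $db->prepare('DELETE FROM persistent_logins WHERE selector = ?')->execute([$selector]);

    // Constant-time comparison so the hash cannot be recovered byte by byte.
    if (!hash_equals($row['validator_hash'], hash('sha256', $validator))) {
        return null;   // known selector, wrong validator: treat as a stolen or guessed cookie
    }

    $userId = (int)$row['user_id'];
    issue_remember_cookie($db, $userId);            // rotate the token
    unset($_SESSION['password_verified_at']);       // this login did not involve a password
    return $userId;
}

// Record that the user typed the password in this session (call after a
// successful password login or a re-authentication prompt).
function mark_password_verified(): void {
    $_SESSION['password_verified_at'] = time();
}

// Point 2 above: a sensitive page is only served if the password was typed
// recently in this session, regardless of how the session was established.
function require_recent_password(int $maxAgeSeconds = 900): bool {
    return isset($_SESSION['password_verified_at'])
        && (time() - (int)$_SESSION['password_verified_at']) < $maxAgeSeconds;
}
```

Note the order in `check_remember_cookie()`: the presented token is deleted before the comparison result is known, so neither a correct nor a wrong guess can be retried against the same selector. Sessions restored from the cookie start without `password_verified_at`, which is what makes `require_recent_password()` force a password prompt for the protected area.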

tedwilder author 5/19/2011

.

text 5/20/2011

Ted
Thanks very much for bringing this to my attention. As a relatively new developer, security is something I know I am lacking knowledge of. Your post and a look at Stackoverflow have greatly improved my knowledge.
Thanks
Richard



yep I agree but

For instance, this forum: even if you choose permanent login, it doesn't record the password in plain text.

It would even be worth encrypting and salting the whole session with the http://php.net/manual/en/function.session-set-save-handler.php function.

You took the time to correctly escape login forms and all, so leaving that kind of weakness is a pity. (By the way, salting users' passwords would be nice too, because at the moment passwords are just raw md5 encoded, and it's very easy to revert an md5 string to plain text with the power of a GPU. I tested it on my own PHPRunner project: all passwords were retrieved in a few seconds (only letters and numbers). Sure, you added the "prevent weak password" option, but not all users are going to use that, and as it costs nothing and it's easy to add...)
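To make the point above concrete, here is an added example (written for this page, not PHPRunner code) of the unsalted md5 storage being described next to a hardened replacement, with a migration path: rows that still hold an md5 digest are verified against md5 once and rewritten with `password_hash()` on the next successful login, so existing users need not reset anything. The `users(id, password)` table is an assumed schema. Requires PHP 5.5 or later for `password_hash()`.

```php
<?php
// Example code for this page (not PHPRunner code). Assumes a PDO connection
// and an assumed table users(id INT PRIMARY KEY, password VARCHAR(255)).

// The weak scheme described in the post: no salt, so identical passwords give
// identical 32-hex digests and one pass over a wordlist cracks every account.
function legacy_md5_hash(string $password): string {
    return md5($password);
}

// An md5 digest is exactly 32 hex characters; password_hash() output starts
// with "$2y$" (bcrypt) or another "$id$" prefix and is longer.
function is_legacy_md5(string $stored): bool {
    return (bool)preg_match('/^[0-9a-f]{32}$/i', $stored);
}

// Hardened: bcrypt (PASSWORD_DEFAULT) with a random per-user salt embedded in
// the returned string; the same password hashes differently for each user.
function hash_password(string $password): string {
    return password_hash($password, PASSWORD_DEFAULT);
}

// Check a login against either storage format. On success, an md5 row is
// upgraded in place; a bcrypt row is rehashed only if the cost parameter
// has since been raised.
function verify_and_upgrade(PDO $db, int $userId, string $password, string $stored): bool {
    $update = $db->prepare('UPDATE users SET password = ? WHERE id = ?');

    if (is_legacy_md5($stored)) {
        // Constant-time compare; normalise case because md5 may have been stored uppercase.
        if (!hash_equals(strtolower($stored), legacy_md5_hash($password))) {
            return false;
        }
        $update->execute([hash_password($password), $userId]);   // migrate this row now
        return true;
    }

    if (!password_verify($password, $stored)) {
        return false;
    }
    if (password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $update->execute([hash_password($password), $userId]);
    }
    return true;
}

// Typical login flow using the functions above.
function login(PDO $db, string $username, string $password): ?int {
    $stmt = $db->prepare('SELECT id, password FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$row) {
        return null;
    }
    return verify_and_upgrade($db, (int)$row['id'], $password, $row['password']) ? (int)$row['id'] : null;
}
```

Because the migration happens at login, the md5 column disappears gradually; any rows that still match `is_legacy_md5()` after a reasonable period belong to dormant accounts and can be forced through a password reset rather than left crackable.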