well, it is not so hard for attacker to crack such cipher... Could would be to use Rijndael for this (new session = new Rijndael key and IV vector), this style would be pretty secure :)
2009/7/30 Cerebrus <[email protected]> > > Yes... but cookie values can be encrypted and additionally validated > with a MAC. > > For details, take a look at the FormsProtectionEnum settable through > the formsAuthentication element of the web.config file: > > http://msdn.microsoft.com/en-us/library/9hd6wxdt.aspx > > On Jul 29, 4:21 pm, Giuseppe Povinni <[email protected]> wrote: > > Hi there, > > > > Question: When you set cookies in a C# code behind file, you are > > passing information to client side, can the user go to temporary > > files, catch the cookie and visualize the information that server sent > > in that same cookie? > > > > Thanks in advance. > > > > G Povinni. >
