Why do you want to encrypt the password in a Cookie?
I guess a better question is, why send the password as part of the cookie at
all? If you have to have a login mechanism, and you absolutely must have
security why not use HTTPS to manage the logon, for that crucial part of the
application that needs it?
Kevin Jones
DevelopMentor
www.develop.com
> -----Original Message-----
> From: A mailing list for discussion about Sun Microsystem's Java Servlet
> API Technology. [mailto:[EMAIL PROTECTED]]On Behalf Of Jake
> Brain
> Sent: 23 August 2000 14:38
> To: [EMAIL PROTECTED]
> Subject: password cookie
>
>
> To anyone who saved users password in a cookie. Did you encrypt
> or encode the
> password before making the cookie? Did you use BASE64 or some stronger
> encryption(DES,etc). Tell me about your experiences. Thanks.
>
> __________________________________________________________________
> _________
> To unsubscribe, send email to [EMAIL PROTECTED] and include
> in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
