On 2/17/2010 5:32 AM, Dmitri Snytkine wrote:
Just wondering, is it a bad practive for a web-based app to store user's token and secret in cookies? This would of cause simplify and speed up the login, but is it a security risk?
When you boil it down, everything done to increase accessibility is a security risk. I would think that if you keep your consumer key pair on the server there is little problem with this.