i would like to know wheather cookies handles passwords.if so where they contain.

Recommended Answers

All 4 Replies

normally no, username maybe, but from a little I had read, some may contain your sessionId etc.

No cookies are stored in client's machine and since they are not a secure enough to hold confidential information so they do not contain password. However as a text you can put password in cookies but you shouldn't do so. Password once validated should not be stored in any medium like cookies or session.

Cookies should never contain passwords. You can have a cookie contain a session id. The session id can then point to a user in a database. From the database you can easily cross reference the user's password. By doing it this way you can have the session expire in the database after a few hours/days and also have the cookie to do the same.

they shouldn't, but that doesn't mean they don't...
It all depends on how the website was programmed.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.