Saving User Name And Password.
-
Hi, I have written a code to save username and password on client machien using cookie.The code is as follows:- HttpCookie loginCookie = new HttpCookie("logCoockie"); if (this.Login1.RememberMeSet) { //Check if the browser support cookies if ((Request.Browser.Cookies)) { //Check if the cookie with name LoginCookie exist on user's machine //if (loginCookie == null) //{ //Create a cookie with expiry of 30 days loginCookie.Expires = DateTime.Now.AddDays(30); //Write username to the cookie loginCookie.Values.Add("UNAME", this.Login1.UserName.ToString()); //Write password to the cookie loginCookie.Values.Add("UPASS", this.Login1.Password.ToString()); //} //If the cookie already exist then wirte the user name and password on the cookie //else //{ // loginCookie.Values.Add("UNAME",this.Login1.UserName.ToString()); // loginCookie.Values.Add("UPASS",this.Login1.Password.ToString()); //} } Response.Cookies.Add(loginCookie); } else { Response.Cookies["logCoockie"].Expires = DateTime.Now.AddDays(-3); } But it is not recommended to save such information in cookie.Can anyone help to use any alternative way to save such inforamtion. Thanks.
-
Hi, I have written a code to save username and password on client machien using cookie.The code is as follows:- HttpCookie loginCookie = new HttpCookie("logCoockie"); if (this.Login1.RememberMeSet) { //Check if the browser support cookies if ((Request.Browser.Cookies)) { //Check if the cookie with name LoginCookie exist on user's machine //if (loginCookie == null) //{ //Create a cookie with expiry of 30 days loginCookie.Expires = DateTime.Now.AddDays(30); //Write username to the cookie loginCookie.Values.Add("UNAME", this.Login1.UserName.ToString()); //Write password to the cookie loginCookie.Values.Add("UPASS", this.Login1.Password.ToString()); //} //If the cookie already exist then wirte the user name and password on the cookie //else //{ // loginCookie.Values.Add("UNAME",this.Login1.UserName.ToString()); // loginCookie.Values.Add("UPASS",this.Login1.Password.ToString()); //} } Response.Cookies.Add(loginCookie); } else { Response.Cookies["logCoockie"].Expires = DateTime.Now.AddDays(-3); } But it is not recommended to save such information in cookie.Can anyone help to use any alternative way to save such inforamtion. Thanks.
why do you need to store this on client side? there might be better solution for that. if you really need to store this in a cookie, then you have to encrypt the information at least. check eric newton's article on cookie encryption: http://www.codeproject.com/KB/web-security/HttpCookieEncryption.aspx[^]
-
Hi, I have written a code to save username and password on client machien using cookie.The code is as follows:- HttpCookie loginCookie = new HttpCookie("logCoockie"); if (this.Login1.RememberMeSet) { //Check if the browser support cookies if ((Request.Browser.Cookies)) { //Check if the cookie with name LoginCookie exist on user's machine //if (loginCookie == null) //{ //Create a cookie with expiry of 30 days loginCookie.Expires = DateTime.Now.AddDays(30); //Write username to the cookie loginCookie.Values.Add("UNAME", this.Login1.UserName.ToString()); //Write password to the cookie loginCookie.Values.Add("UPASS", this.Login1.Password.ToString()); //} //If the cookie already exist then wirte the user name and password on the cookie //else //{ // loginCookie.Values.Add("UNAME",this.Login1.UserName.ToString()); // loginCookie.Values.Add("UPASS",this.Login1.Password.ToString()); //} } Response.Cookies.Add(loginCookie); } else { Response.Cookies["logCoockie"].Expires = DateTime.Now.AddDays(-3); } But it is not recommended to save such information in cookie.Can anyone help to use any alternative way to save such inforamtion. Thanks.
I would store a GUID on the client side and map that to a user in my database, so that the cookie maps to the login, without anyone being able to access the login from there.
Christian Graus Please read this if you don't understand the answer I've given you "also I don't think "TranslateOneToTwoBillion OneHundredAndFortySevenMillion FourHundredAndEightyThreeThousand SixHundredAndFortySeven()" is a very good choice for a function name" - SpacixOne ( offering help to someone who really needed it ) ( spaces added for the benefit of people running at < 1280x1024 )
-
why do you need to store this on client side? there might be better solution for that. if you really need to store this in a cookie, then you have to encrypt the information at least. check eric newton's article on cookie encryption: http://www.codeproject.com/KB/web-security/HttpCookieEncryption.aspx[^]
Thanks for your reply. Actually I want to know other better ways to save username and password without using cookies.Please help.
-
Thanks for your reply. Actually I want to know other better ways to save username and password without using cookies.Please help.