Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: General / Classic ASP versions(v3.4.XX)
 About the Encription in 3.4		  New Topic  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

Gato
New Member

Brazil
92 Posts
Posted - 19 August 2002 :  13:38:25  Show Profile  Visit Gato's Homepage
Why is the encription, since if I access a computer, I have just to copy what is saved on the cookie... COrrect me if I am wrong but what is the best thing of it????
Get the new Gato's MultiLanguage Portal Code with 6 Languages Included and more than 70 MODs & 30 New Features
Get more information here

ruirib
Snitz Forums Admin

Portugal
26364 Posts
Posted - 19 August 2002 :  13:41:06  Show Profile  Send ruirib a Yahoo! Message
What's better, have a cookie that anyone can read or have a cookie that noone can read? What would the alternative be, other than not using cookies?

Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page

Gato
New Member

Brazil
92 Posts
Posted - 19 August 2002 :  14:09:31  Show Profile  Visit Gato's Homepage
But, the point is, a cookie anyone can read if access your pc, right??? So, if it is encrypted, what is the advantage of it since you have just to copy the content of it to get it working on another computer???

I am just trying to understand how it works, so I can inplement in other things..
Get the new Gato's MultiLanguage Portal Code with 6 Languages Included and more than 70 MODs & 30 New Features
Get more information here
Go to Top of Page

bjlt
Senior Member

1144 Posts
Posted - 19 August 2002 :  14:11:44  Show Profile
is this what you like? a login key in the cookie that has nothing to do with your password, changes every time you log in (with a password)?

will dev team members please read this topic I posted, and give your comments?

http://forum.snitz.com/forum/topic.asp?TOPIC_ID=33072

if a new release is to be out, I'd like to see it there.
Edited by - bjlt on 19 August 2002 14:29:36
Go to Top of Page

ruirib
Snitz Forums Admin

Portugal
26364 Posts
Posted - 19 August 2002 :  14:12:56  Show Profile  Send ruirib a Yahoo! Message
The advantage is that the cookie can no longer be read to find out the user's password.

Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page

Roland
Advanced Member

Netherlands
9335 Posts
Posted - 19 August 2002 :  14:27:17  Show Profile
The whole idea is that your password can't be read by anyone, so nobody can log in as you. Try inserting a 64 character password in a text field that'll only allow 25 characters

Yes, there are ways around it, let's not go in depth into that, but it doesn't do any harm, and does provide some extra safety.
Go to Top of Page

Gato
New Member

Brazil
92 Posts
Posted - 19 August 2002 :  15:16:22  Show Profile  Visit Gato's Homepage
But what I am tryting to say is that, to anyone access the old cookie, it has to use the same way that it will read this, so to get login using my account, they only have to copy everyting that it is in the cookie and paste in his computer cookies......

It is because of this that I don't see how can this protect you, the only thing is that he can not change the profile (in the new version) and that's it and login in the admin (but there are other ways to protect). I mean the main is for a normal user, how can this protect from logging since they only have to copy the content of the cookie file.....
Get the new Gato's MultiLanguage Portal Code with 6 Languages Included and more than 70 MODs & 30 New Features
Get more information here
Go to Top of Page

Doug G
Support Moderator

USA
6493 Posts
Posted - 19 August 2002 :  15:27:59  Show Profile
If you have physical access to someone's computer you can copy all sorts of "their" stuff. Encryption keeps the password out of prying eyes tho. How would you do otherwise? I assume you could copy every cookie on that user's computer, not just snitz's, and could log on to all sorts of password protected sites.
======
Doug G
======
Computer history and help at www.dougscode.com
Go to Top of Page

Roland
Advanced Member

Netherlands
9335 Posts
Posted - 19 August 2002 :  15:32:57  Show Profile
well, the thing is that you can't be logged in when you still have your old cookie. So the next time a member visits your forums, they have to log in again and get a new cookie.

There's nothing to be done when your cookie has already been stolen except changing your password (which I do on a monthly or bi-monthly basis anyway).
Go to Top of Page

Gato
New Member

Brazil
92 Posts
Posted - 19 August 2002 :  19:33:14  Show Profile  Visit Gato's Homepage
Ok, thanks, the pwd is always the same in the cookie???

Thanks
Get the new Gato's MultiLanguage Portal Code with 6 Languages Included and more than 70 MODs & 30 New Features
Get more information here
Go to Top of Page

Roland
Advanced Member

Netherlands
9335 Posts
Posted - 20 August 2002 :  04:04:20  Show Profile
the password will always be the same unless you change your password. Makes sense, right?
Go to Top of Page

Gato
New Member

Brazil
92 Posts
Posted - 20 August 2002 :  13:51:02  Show Profile  Visit Gato's Homepage
right, ok, thanks....
Get the new Gato's MultiLanguage Portal Code with 6 Languages Included and more than 70 MODs & 30 New Features
Get more information here
Go to Top of Page

Roland
Advanced Member

Netherlands
9335 Posts
Posted - 20 August 2002 :  14:04:47  Show Profile
You're welcome
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.32 seconds. Powered By: Snitz Forums 2000 Version 3.4.07