cakePHP session not storing password -


My concern is that when I login using the at-> login () method, then about user All data is stored session but not password I wonder if this is normal? And how can I specifically select what field I want to store in session when I enter?

said in the comment: The storage password in the sessions is not secure, and any reason to do so Should not be .

Actually, do not do that. do not .

Let's enter fantasy world. If the athent component saves passwords in session, then he has two possibilities to do this: Save it as plain text, or save it lightly and salty

Scenario A:
It is your forehead Writing your password, taking a selfie, and posting on Facebook (or the next new social network) will be similar. Anyone who sees your session (this can be done) will have your plain text password and if the user uses the same password for everything ... yay free Amazon shopping!

Scenario two:
It is "safe" in a way that is not plain text. But the safest thing? If you know the final product, it is easy to decrypt something by means of brute force, if I know that a plain password is "12345" head and salt and "i8g04 ", And I have the same job for many other users, so what can I eventually use the salt and how to do it" finally "probably means 2 ^ 58 instead of 2 ^ 58 bruteIt tries to force it very little time and processing (according to Google 1.4411519 A + 17) then ... no, it is better not to do it

And how you specifically You can choose which session I want to log in to session

I do not know how to do this, there is only one optional parameter in login That's why there is no choice ... to add functionality to enhance the body content. Spun If you want ... but if you want to do something specific, so maybe you explain your reasons to us and we will advise you how to do it.

PD: I repeat, do not store passwords in sessions .


-

Comments

Post a Comment

Popular posts from this blog

sqlite3 - UPDATE a table from the SELECT of another one -

I have the first table article where some data is missing. In the table, articles_tmp I have a part of the missing data. So I want to update the articles. Where the path path is data in articles_tmp.path where the path is not zero . With SQLite , it does not work: update article SET path = (SELECT at.path FROM Articles_tmp as AS, WHERE at.article_id = a.id and a.asp, the text is in the form and not on. It has been transmitted) where the path is null MS Access Along with, it works fine: Update Articles Join the Inner Articles at articles_tmp articles.id = articles_tmp.id SETP articles.path = articles_tmp.path Can anyone help? Sin CE SQL Server Syntax, which I provided, was not working, here this solution With whom I have come. A little modification of your original query, but with my "correlation" suggestion added. There is a SQL Bella for this: Here is the code: update article SET path = (SELECT path from articles_tmp AS T WHERE t.id
Read more

c# - Showing a SelectedItem's Property -

So I have enabled a rightclick option for my DataGrid. I want to display the only chosen property but it is not behaving like what I would like it to display my name and additional. Public category Paymentinfo {public int PaymentNo {get; Set; } Public string date {get; Set; } Public Double Pay {get; Set; } Public Double Principle {get; Set; } Public Double Interest {get; Set; } Public Double Balance {Received; Set; }} Private Zero MenuItem_OnClick (Object Sender, RoutedEventArgs e) {MessageBox.Show (AmortGrid.SelectedItem.ToString ()); } I'm trying to apply it without using a View Module! If I place a breakpoint where the messagebox and the recipient place it on selected ITEM, then this property will display the payment. A date-payment-principle-interest-balance is the only value that needs payment. Was hoping that it would be something like this MessageBox.Show (AmortGrid.SelectedItem.PaymentNo.ToString ()); When you call ToString () So you get the class typ
Read more

javascript - Render HTML after each iteration in loop -

I'm trying to gradually increase the font size of text on a web page. The code works in my place, although the new HTML / CSS does not render after every iteration of the loop and when all this is done, then display only the text of 100 px size. To see the text as if it is slowly zooming, I need to do this JavaScript is down because it is being used from a different file here is what I have ... < Pre> & lt; P class = "game-title" style = "font-size: 50px" & gt; Test & lt; / P & gt; Function sleep (milliseconds) {var start = new date (). GetTime (); For (var i = 0; i & lt; 1e7; i ++) {if ((new date). GetTime () - start) & gt; Milliseconds {break; CSS ('font-size', 'parseInt ($ (' game-title '). CSS (' font-size ')) + 1 + "pixels"); } While (parasont ($ ('# text'). Css ('font-size')) & lt; = 100) {sleep (1000); IncreaseSize (); Using CSS: Use of jQuery (sample):
Read more