jk2-digger Posted April 13, 2002 Share Posted April 13, 2002 JediKinghtII.net Forum: First you make us have to have an account to search the forum. Then you make us have to have an account to read the forum. Then after detailing a post for over 20 minutes with accurate and insightful information to help users running dedicated servers of your product and clicking preview post your server told me to login in again b/c I was no longer logged in and I lost all of the details of what I had written. Why? Why? -and- Why? This is not a user "functional" design and actually hinders the communities involved (the USENET, the Gamers, and the Admins). Please reconsider these settings. Link to comment Share on other sites More sharing options...
Metallus Posted April 13, 2002 Share Posted April 13, 2002 I've actually experienced this myself, and the way to avoid it is by doing this: Login where it says "Not cookied? Login with username and password" at the bottom of the main lucasforums screen (only appears when logged out). Make sure you've got cookies enabled. Link to comment Share on other sites More sharing options...
jk2-digger Posted April 13, 2002 Author Share Posted April 13, 2002 Sorry, but I personally don't agree witht he idea of everything being stored ina cookie. Not only is this waste of resources, but also an incredible security risk. It may only be a forum, but someone can get passwords and other such info out of a cookie that can be used against you. Just my two cents. Link to comment Share on other sites More sharing options...
matt-- Posted April 13, 2002 Share Posted April 13, 2002 The only info stored in the cookie is your userid, not your username, and your password hash. How can that be used against you? Link to comment Share on other sites More sharing options...
jk2-digger Posted April 14, 2002 Author Share Posted April 14, 2002 =============== The only info stored in the cookie is your userid, not your username, and your password hash. How can that be used against you? =============== If that is the case how does it maintain your logged in status? Link to comment Share on other sites More sharing options...
matt-- Posted April 14, 2002 Share Posted April 14, 2002 You're authenticated each time you load up a page through the cookie. The page reads your hash and your id, compares them to the id and hash stored in the database. If they match, and your IP hasn't changed since your last login, it recognizes who you are...otherwise, it asks you to login. If you're really paranoid, I suggest you configure your computer to periodically clear your cookies. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.