I would like to ask, what is the difference between placing the user name in the session and then putting the sessionid into the cookie?

Source: Internet
Author: User
I would like to ask, what is the difference between placing the user name in the session and then putting the sessionid into the cookie? I recently read many posts about secure logon on the website logon page. The most common method is to put the user name into the session and then put the session id into the cookie. What is the difference between putting a user name in a cookie? If not, encrypt it?


Reply to discussion (solution)

Cookie on the client
Session on the server
In terms of privacy protection, it is obvious that the latter is better than the former.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.