Experts
We want to use a more secure login system for our future projects, rather than using session states to find out if the user is logged in or not. If my understanding is correct, as soon as the user authenticates with forms authentication, a cookie is created on the user's computer. How safe is it? Is a cookie susceptible to a hijacking form similar to session hijacking? What if the user does not accept cookies? Is there a better method I should pay attention to?
Thanks in advance.
- , . , , .
cookie , . -, . cookie , -, . , cookie , cookie Secure HttpOnly, HTTPS, cookie JavaScript.
cookie, URL-, .
cookie - cookie cookie .
,
, Https