From: MJ R. <ma...@cl...> - 2001-01-19 01:02:27
|
Robert L Krawitz <rl...@al...> writes: > Well, think about how the login works; it sets a cookie with a session > hash value. If the cookie isn't encrypted, someone could steal it and > masquerade as you for the duration of the session. Only if they spoof your IP too, one hopes. Badly OT now? -- MJR |