Session ID & Security

Neil Schemenauer nas at python.ca
Tue Jul 16 11:50:41 EDT 2002

Previous message (by thread): Session ID & Security
Next message (by thread): Session ID & Security
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jan Felix Reuter wrote:
> Now I'm concerned about security, because with this sheme an attacker could 
> easily get access to a user's session by just guessing its ID.

Use a larger random session ID.  64 bits should be enough for most
situations.

  Neil

Previous message (by thread): Session ID & Security
Next message (by thread): Session ID & Security
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-list mailing list