First time here? Welcome to the site! A log of this visit has been recorded using cookies. Refresh the page to see cookies in action!
Cookies are a safe and useful technology when used cautiously. Many people believe that cookies are generally malicious and somehow capable of probing their system for information. This is of course impossible because cookies are only capable of storing information. Furthermore, since cookies are restricted to particular domains and subdirectories, malicious sites are prevented from accessing cookies that don't belong to them. Thus, the major security threat posed by cookies is the fact that they are stored locally and therefore visible to other users of the machine. Thus, the security of a particular cookie is dependent on the nature of information that is being stored. It is the responsibility of the webmaster to ensure that the information he or she places in a Cookie is appropriate and necessary, and that the user is informed of the associated risks.
It is imperative that web developers understand the difference between information that can be safely stored in a cookie and information that must be kept server side at all times! The following list provides a few guidelines for Cookie usage:
- Under no circumstance should a user's password, credit card number, or other private information be stored in a cookie.
- Session IDs should only be stored for the duration of a user's visit to a particular site, otherwise other users of the same machine are able to return to the site and falsely identify themselves by surpassing login.
- Remembering a user's login is usually considered safe but the user should always have the option of avoiding this behavior in the event that they are working on a public machine.
- When storing encrypted information in a cookie, it is generally safer to user a 1-Way encryption technique such as MD5 because they are harder to reverse.
Some of you may be wondering how it is possible to provide users with automatic logins without breaking the above principles. One solution is to store the password in an encrypted format both in a cookie and on the server. This way the password is not visible to malicious users but the logins are still automated. Of course, malicious users using the machine will also be automatically logged in but at least the information is kept private. It is for this reason that sites require users to supply their old password before adopting a new one, thus preventing malicious users from changing another user's password to something familiar.
Email:
mcintyr@cs.montana.edu Last Updated: June 8th, 2005