Forum

How to prevent Session and Cookie Hacking?

This thread contains 1 reply, has 2 voices, and was last updated by darshan.soni007 1 year, 6 months ago.

  • Author Replies
    • #53271

      How to prevent Session and Cookie Hacking?


    • #53273

      Hello Sonal,

      The session and cookie hacking can’t breach the database or the web application, but it can yield user accounts. A session is an entity triggered when users begin contact with a web server and consists of a period of communication between users and web application which is authenticated using security measures like a username and password.

       

      Steps to prevent hacking:

      -In order to prevent hackers from setting session ID’s prior to login, ID’s should be changed often, therefore, the session_regenerate_id() function should be used every time the user logs in, assigning them a fresh ID.

      -The risk of this hacking can be mitigated by revalidating a user who is about to perform sensitive tasks like resetting their password (i.e. by making them re-enter their old password).

      -If the user’s password is to be stored in a session variable, it needs to be encrypted (using the sha1() function).

      -If your web application is handling sensitive information like debit and credit card numbers, then practicing an SSL or any other secured connection can also prevent session and cookie hacking


Viewing 1 reply thread

You must be to reply to this thread.Please or . Registration is 100% free.

GET FREE CONSULTATION

Call Us Now For Free Consultation97370 05566

Our experts listen to you patiently and suggest you the right course after conducting a personality profile test. Register your interest below to schedule personality profile test for you.

SUBSCRIBE TO OUR NEWSLETTER

Contact Us

Working Hours

  • Monday9:00 AM – 9:00 PM
  • Tuesday9:00 AM – 9:00 PM
  • Wednesday9:00 AM – 9:00 PM
  • Thursday9:00 AM – 9:00 PM
  • Friday9:00 AM – 9:00 PM
  • Saturday9:00 AM – 9:00 PM
  • SundayClosed
Copyright 2016-2020 Smart Mentors. All Rights Reserved.

Login

FORGOT PASSWORD

Sign up now to Become An Instructor

Register your Interest