Tampering, Stealing cookies protection in ASP.NET 2.0

G

Guest

Hello,

I need to know how to protect cookies from tampering or stealing.

I want to ensure the cookie is binded to a particular client only. Only the
requested client should have access to the cookie.

if the cookies is stolen & used on another machine for the same website, it
should not allow the cookie to be read

Any thoughts are welcome.
 
B

Brock Allen

Use SSL to prevent stealing.

Encrypt the data in the cookie to prevent viewing.

MAC protect to prevent tampering.

Put an expiration date in the data in the cookie and check for expiration
in your code to ensure valid timeout.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

cookies in asp.net 2
RequireSSL set to true, some cookies not marked as secure 0
how asp.net set cookies? (http level) 1
Me.Context.Request.Cookies value doesn't match what's in cookies file 1
"Disappearing cookies": any change in ASP.NET 2.0? 2
Folder protection with webconfig 0
Asp.net 2.0 - Cookies 2
'securing' cookies/login info 5

Members online

Total: 32 (members: 2, guests: 30)
Robots: 222

Forum statistics

Threads
473,756
Messages
2,569,535
Members
45,008
Latest member
obedient dusk

Latest Threads

Top