douqianmin5367 2011-03-11 23:52
Views: 22
Accepted

Is my persistent login approach secure?

I'm very much stuck on a reasonably secure approach to implementing a 'Remember me' feature in a login system. Here's my approach so far. Please advise me if it makes sense and is reasonably secure:

Logging in:

  1. User provides email and password to log in (both are valid). Get the user_id from DB table Users by comparing the provided email.

  2. Generate two random hashed strings, key1 and key2, and store them in cookies. In DB table COOKIES, store key1 and key2 along with user_id.

To Check login:

  1. If both the key1 and key2 cookies exist, validate both keys in DB table COOKIES (if a row with key1 and key2 exists, the user is logged in).

  2. If the cookie is valid, regenerate key2 and update it in the cookie and also in the database.

Why regenerate the key: because if someone steals the cookie and logs in with it, it will work only until the real user logs in. When the real user logs in, the stolen cookie will become invalid. Right?

Why do I need 2 keys: because if I store user_id and a single key in the cookie and database, and the user wants to remember the password on another browser or computer, then the new key will be updated in the database, so the user's cookie in the earlier browser/PC will become invalid. The user won't be able to remember the password in more than one place.

Thanks for your opinions.


4 answers

  • dousongxuan7507 2011-03-12 00:18

    Your scheme is based around cookie theft paranoia. There are really only three ways to steal cookies:

    1. Man-in-the-middle attacks.
    2. Cross-site Scripting or similar vulnerabilities that let arbitrary code run in the security context of your site.
    3. Physical access to the machine with the browser.

    We'll also classify malware as physical for our purposes.

    Let's not worry about physical security. If a user loses control of his machine, he's going to have plenty more problems than worrying about your website!

    Let's also not worry about XSS, blindly assuming that you're already doing all you can to prevent it.

    That leaves MITM attacks.

    One of the best (read: only) protections you can get against MITM attacks is SSL. If you are truly worried about MITM, you should be serving your entire site over SSL.

    You don't need two of your own cookies. You just need the session cookie and a Remember Me cookie, which, by the way, you can simply store in a many-to-one table. This prevents the forced one-to-one relationship between users and Remember Mes.

    This answer was chosen by the asker as the best answer.
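The question's rotate-on-use scheme and the answer's single remember-me cookie backed by a many-to-one table can be combined into one design, shown here as an added example (not code from the asker or the answerer). The cookie carries `selector:validator`; the table keyed by selector holds the user_id, a hash of the validator and an expiry, so a copy of the table alone is useless; each browser gets its own row, so several devices stay remembered at once; and the validator is rotated on every use, so a replayed pre-rotation cookie is recognisable as a stolen copy and revokes all of that user's rows. The in-memory dict, the `RememberMeStore` class, the 30-day TTL and the sample user_id 42 are constructed for this example; the separate session cookie the answer mentions is out of scope here.

```python
"""Remember-me tokens: one cookie, many rows per user, validator rotated on use.

Constructed example. The dict stands in for DB table COOKIES; the
selector:validator cookie layout and all names here are assumptions.
"""
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 30 * 24 * 3600  # 30 days; assumed value


class TokenTheftDetected(Exception):
    """Known selector presented with a stale validator: likely a replayed copy."""


def _hash_validator(validator: str) -> str:
    # Only the hash is stored, so a leaked table cannot be turned into cookies.
    return hashlib.sha256(validator.encode()).hexdigest()


class RememberMeStore:
    """Stands in for table COOKIES: selector -> (user_id, validator_hash, expires)."""

    def __init__(self, clock=time.time):
        self._rows = {}
        self._clock = clock

    def issue(self, user_id: int) -> str:
        """Create a new row for user_id and return the cookie value.

        Many rows may point at one user_id (many-to-one), so remembering a
        second browser never invalidates the first one.
        """
        selector = secrets.token_urlsafe(12)
        validator = secrets.token_urlsafe(32)
        expires = self._clock() + TOKEN_TTL_SECONDS
        self._rows[selector] = (user_id, _hash_validator(validator), expires)
        return f"{selector}:{validator}"

    def redeem(self, cookie: str):
        """Validate a cookie; on success rotate the validator, return (user_id, new_cookie).

        Returns None for unknown, malformed or expired cookies. Raises
        TokenTheftDetected when the selector is known but the validator is
        wrong: the legitimate browser has already rotated it, so this is most
        likely a replayed copy, and every row of that user is revoked.
        """
        try:
            selector, validator = cookie.split(":", 1)
        except ValueError:
            return None
        row = self._rows.get(selector)
        if row is None:
            return None
        user_id, stored_hash, expires = row
        if self._clock() > expires:
            del self._rows[selector]
            return None
        # Constant-time comparison of the two hex digests.
        if not hmac.compare_digest(stored_hash, _hash_validator(validator)):
            self.revoke_user(user_id)
            raise TokenTheftDetected(f"user {user_id}: validator mismatch for selector {selector}")
        # Rotate: same selector, fresh validator, so the old cookie value is now dead.
        new_validator = secrets.token_urlsafe(32)
        self._rows[selector] = (user_id, _hash_validator(new_validator), self._clock() + TOKEN_TTL_SECONDS)
        return user_id, f"{selector}:{new_validator}"

    def revoke_user(self, user_id: int) -> int:
        """Delete every remember-me row of a user; returns how many were removed."""
        doomed = [s for s, (uid, _, _) in self._rows.items() if uid == user_id]
        for s in doomed:
            del self._rows[s]
        return len(doomed)

    def active_tokens(self, user_id: int) -> int:
        return sum(1 for uid, _, _ in self._rows.values() if uid == user_id)


def demo():
    """Walk through the scenarios raised in the question; returns the outcomes."""
    store = RememberMeStore()
    laptop = store.issue(user_id=42)
    phone = store.issue(user_id=42)            # second device, both stay valid
    uid, laptop_rotated = store.redeem(laptop)  # normal use rotates the validator
    results = {
        "two_devices": store.active_tokens(42),
        "redeemed_user": uid,
        "rotated": laptop_rotated != laptop,
        "phone_still_valid": store.redeem(phone) is not None,
    }
    try:
        store.redeem(laptop)                    # replay of the pre-rotation cookie
        results["theft_detected"] = False
    except TokenTheftDetected:
        results["theft_detected"] = True
    results["tokens_after_theft"] = store.active_tokens(42)
    results["garbage_rejected"] = store.redeem("not-a-cookie") is None
    return results


if __name__ == "__main__":
    print(demo())
```

Revoking every row on a mismatch is deliberate: once a copy has been replayed, the server cannot tell which browser is the legitimate one, so the user is sent back to the password form on all devices, which is also a useful signal to log for detection.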