Page 1 of 1

SessID encryption!

Posted: Wed Apr 21, 2004 1:12 pm
by Joe
I am in the process of studying deep about SessionID's in PHP. I have thought about encrypting SESSID's and decrypting them whenever needed in order for extra security. The only problem is that I dont know where to start. Does anyone know any good references or ways to go about this technique.


Regards


Pr0zaK

Posted: Wed Apr 21, 2004 2:53 pm
by lostboy
mycrpt is a possibility for bi-directional encryption/decryption...

Otherwise MD5() is fine for one way encnryption (like a password stored in a db...encrypt in on registration and then compare an md5 encrypted user submitted password to the db value

Posted: Wed Apr 21, 2004 2:56 pm
by Weirdan
I wonder why one would encrypt sessid... it's a hash already.

Posted: Wed Apr 21, 2004 3:05 pm
by Steveo31
^ yea, I don't really see why you would want to. Will you elaborate?