Page 1 of 1

Is it secure to pass sensitive info thru session variables?

Posted: Tue Mar 03, 2015 11:38 pm
by girishsonar
I am trying to pass username and password and also userid thru session variables. However before sending i am encrypting it. Is it possible that this info be intervened? Is it secure?
Else what is most secure method?

Re: Is it secure to pass sensitive info thru session variabl

Posted: Wed Mar 04, 2015 6:06 am
by Celauran
Sessions are stored server side, which helps. You probably don't want to be passing people's passwords around.