|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: HarryM (harrym
the-group.org)Date: Tue Mar 05 2002 - 16:15:24 CST
I am a PHP developer, I use an MD5 hash of microtime(); to generate session
ids. I think it's pretty good. There's some chance that IDs could be guessed
but it's pretty remote imho. It could be complexified, perhaps by including
some random element or the remote IP. Either way, i feel that the delay
between hits, and hence the psuedo-random difference between microtime
values, is a good enough random element in itsself.
Harry M
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]