Link to home
Start Free TrialLog in
Avatar of koossa

asked on SECURE User Authentication

Good day

What is the most secure way to determine if a user is logged in or not on any of a website's pages?

On my login form I do something like the following:
  Private Sub Login1_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles Login1.Authenticate
    Dim sUsername As String = Login1.UserName
    Dim sPassword As String = Login1.Password
    If sUsername = "Test" Then
      Session("UserAuthentication") = "Blabla"
      e.Authenticated = True
      e.Authenticated = False
    End If
  End Sub

Open in new window

Is it secure enough to just check if Session("UserAuthentication") = "Blabla" on the other pages to determine if a user is logged in or not.
Is there a more secure way of doing this?
Avatar of Craig Wagner
Craig Wagner
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial