I'm trying to create a secure 'remember me' login function on a classic ASP site.
I know that session variables are stored on the server - are they encrypted, and are the persistent, or unique with each login?
i.e. If I create a session with a value of 1, is this stored as encrypted on the server or is it stored as 1? if encrypted is it stored as a uniquw value each time?
I ran a test as shown below;
In chrome I could see that Test = 1
What would be the best way to do this? I don't want to store usernames and passwords in cookies...
The user table has
Shah1 encrypted password