To Avoid Session Hijacking after a user has logged In , what information can i rely on during login process to validate that indeed the legitimate user. So that someone who intercepts the session to relay will be invalidatedAre their Ip address and Browser Information good enough for it ?
Securing Sessions using unique information
- Thread starter boogirl
- Start date