Most secure way to generate a random session ID for a cookie?

Posted by ensnare on Stack Overflow See other posts from Stack Overflow or by ensnare
Published on 2010-03-29T22:42:53Z Indexed on 2010/03/29 22:43 UTC
Read the original article Hit count: 232

Filed under:
|
|

I'm writing my own sessions controller that issues a unique id to a user once logged in, and then verifies and authenticates that unique id at every page load. What is the most secure way to generate such an id? Should the unique id be completely random? Is there any downside to including the user id as part of the unique id?

© Stack Overflow or respective owner

Related posts about sessions

Related posts about cookies