Chapter 12 - Cookies, Sessions and Authentication Flashcards
1
Q
Fundamentally, HTTP is what kind of protocol?
A
A stateless protocol
2
Q
What is a session?
A
A major tool in maintaining information for the duration of a user’s time on a website.
3
Q
What can a session be based on?
A
Duration or time or duration of browser session.
4
Q
How do sessions operate?
A
By passing a unique, random identifier between the client and the server.
5
Q
Why should session identifiers be kept private?
A
They often represent a logged-in state.
6
Q
What is the difference between hashing and encryption?
A
Hashed values cannot be recovered.
Encrypted values can.