Security drawbacks and proposals
| Kilandor |
|
|---|---|
|
I see no reason to remove any modes. You can simply double MD5 the password in session or cookie, or even salt+md5 it or something.
IP Sec, stops any stealing, unless the person is smart enough to spoof ip's. And well thats a risk for any system really. |
