Help with question about web page access

From: Jerome H. Fine <>
Date: Tue Aug 17 21:18:06 2004

>Ashley Carder wrote:

> Cookies can be used to maintain information about a user one THEIR
> computer. This way the user does not have to re-enter the same
> information each time they visit a web site. For example, I use cookies
> on some of my personal sites so that a user can tell me his/her name when
> they first visit, then I drop a cookie on their system that contains their
> name and they never have to enter it again. On subsequent visits I just
> read for the cookie rather than asking them for their name again. I use
> this to identify a particular user on some sites where I like to know who
> visits, but where the site's not sensitive enough to implement a user id
> and password login process. This works fine in a "non-public" computer
> environment.

Jerome Fine replies:

Since I MUST always login with the userid / password (which is
the only data that stays the same), that can't be the use made of
cookies in this case. PLUS, I also did login from another system
(ONLY once) and accessed the account records after ONLY
the userid / password was supplied.

Could cookies have anything to do with what Netscape calls a
secure environment? The "LOCK" icon is "CLOSED" in the
lock position after start the login sequence.

In any case, cookies are REQUIRED and are used, though
I have no idea for what purpose! Can anyone who has used
cookies suggest a good reason for their use?

As for the environment, I would have to describe it as PUBLIC
since I suspect that I could login from anywhere in the world. Since
the ONLY things that can be done are to make sure that the expected
account entries are present PLUS I can transfer funds between
2 accounts, there doesn't (at least in my mind) seem to be a possible
way for anyone who might break the userid / password to steal any
funds - any actual withdrawal of funds MUST be done in person at
the bank. I even disabled (cut off the bottom half with the magnetic
stripe) the bank card, so I authorize withdrawals the old fashioned way -
I give the bank my signature on a piece of paper!

Sincerely yours,

Jerome Fine
If you attempted to send a reply and the original e-mail
address has been discontinued due a high volume of junk
e-mail, then the semi-permanent e-mail address can be
obtained by replacing the four characters preceding the
'at' with the four digits of the current year.
Received on Tue Aug 17 2004 - 21:18:06 BST

This archive was generated by hypermail 2.3.0 : Fri Oct 10 2014 - 23:36:34 BST