>Ashley Carder wrote:
> Cookies can be used to maintain information about a user one THEIR
> computer. This way the user does not have to re-enter the same
> information each time they visit a web site. For example, I use cookies
> on some of my personal sites so that a user can tell me his/her name when
> they first visit, then I drop a cookie on their system that contains their
> name and they never have to enter it again. On subsequent visits I just
> read for the cookie rather than asking them for their name again. I use
> this to identify a particular user on some sites where I like to know who
> visits, but where the site's not sensitive enough to implement a user id
> and password login process. This works fine in a "non-public" computer
> environment.
Jerome Fine replies:
Since I MUST always login with the userid / password (which is
the only data that stays the same), that can't be the use made of
cookies in this case. PLUS, I also did login from another system
(ONLY once) and accessed the account records after ONLY
the userid / password was supplied.
Could cookies have anything to do with what Netscape calls a
secure environment? The "LOCK" icon is "CLOSED" in the
lock position after start the login sequence.
In any case, cookies are REQUIRED and are used, though
I have no idea for what purpose! Can anyone who has used
cookies suggest a good reason for their use?
As for the environment, I would have to describe it as PUBLIC
since I suspect that I could login from anywhere in the world. Since
the ONLY things that can be done are to make sure that the expected
account entries are present PLUS I can transfer funds between
2 accounts, there doesn't (at least in my mind) seem to be a possible
way for anyone who might break the userid / password to steal any
funds - any actual withdrawal of funds MUST be done in person at
the bank. I even disabled (cut off the bottom half with the magnetic
stripe) the bank card, so I authorize withdrawals the old fashioned way -
I give the bank my signature on a piece of paper!
Sincerely yours,
Jerome Fine
--
If you attempted to send a reply and the original e-mail
address has been discontinued due a high volume of junk
e-mail, then the semi-permanent e-mail address can be
obtained by replacing the four characters preceding the
'at' with the four digits of the current year.
Received on Tue Aug 17 2004 - 21:18:06 BST