3812. Securely Implement Remember Me
Token

Implement Remember Me(auto login) in a secure way.

1. Storing Password

For an additional layer of security consider adding a second hashed value to your user table that is generated by concatenating the first token and the user’s User-Agent HTTP request header and then hashing. This should make it so the cookie can only be used by the same user agent and might help mitigate people stealing the cookie value like Firesheep does.

https://www.quora.com/What-is-the-most-secure-way-to-implement-Remember-Me-functionality-in-PHP

8. References

How to build (and how not to build) a secure “remember me” feature
Remember Me Features

3812. Securely Implement Remember MeToken

1. Storing Password

8. References

3812. Securely Implement Remember Me
Token