Quote:
|
Originally Posted by Varius
Someone just suggested to me verifying the IP is the same as the one when the session got created, which I think is a good idea for extra security and we will implement.
|
Of course for anyone using a proxy service like AOL, you will be screwing them. It's a good idea in theory, just not very practical. Creating a cookie on login would probably be a better idea.