Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Microsoft Related >> ASP.NET
  2. Suggest New Category

Do ASP.NET forms authentication cookies provide any protection against replay attacks? Do they, for example, include the client's IP address or anything else that would distinguish the real client from an attacker?

Question Posted / surendra singh


Do ASP.NET forms authentication cookies provide any protection against replay attacks? Do they, for ..

Answer / surendra singh

No. If an authentication cookie is stolen, it can be used by an attacker. It's up to you to prevent this from happening by using an encrypted communications channel (HTTPS). Authentication cookies issued as session cookies, do, however,include a time-out valid that limits their lifetime. So a stolen session cookie can only be used in replay attacks as long as the ticket inside the cookie is valid. The default time-out interval is 30 minutes.You can change that by modifying the timeout attribute accompanying the <forms> element in Machine.config or a local Web.config file. Persistent authentication cookies do not time-out and therefore are a more serious security threat if stolen.

Is This Answer Correct ?    0 Yes 0 No

Post New Answer

More ASP.NET Interview Questions

What is session handling in a webfarm, how it can work with its limits?

0 Answers   Siebel,

What is postback in asp net?

0 Answers  

What is a url string?

0 Answers  

What is protected configuration?

0 Answers  

What is view state and how it works in asp net?

0 Answers  

What are the new features implemented in ASP.NET?

0 Answers   TCS,

What is Difference between Callbacks and Postback in ASP.NET?

1 Answers   Patni,

how can u display multi language (i.e english,spanish...) web site?

2 Answers  

AJAX - explain the concept and some controls like update panel, tabcontrol etc

2 Answers   Syntel,

please give a brief knowledge about these events ? page_render() page_prerender() page_unload page_loadcomplete page_preinit

1 Answers   Netsweeper,

how to use web services with code?(with example code)

1 Answers   Accenture,

What is viewstate in asp net with example?

0 Answers  

For more ASP.NET Interview Questions Click Here
Categories