What is the best way to handle user logins...Should I use cookies or session variables. I am looking for the best secure way. Currently, I am using this at the top of my pages
'Below checks to ensure that the user is logged in.
if session ("username") = "" then
response.redirect "???.asp?msg=" & server.urlencode("Login Failed--Invalid Username or Password. No Matches Found.")
elseif session ("password") = "" then
response.redirect "????.asp?msg=" & server.urlencode("Login Failed--Invalid Username or Password")
else
any suggestions
Thanks
'Below checks to ensure that the user is logged in.
if session ("username") = "" then
response.redirect "???.asp?msg=" & server.urlencode("Login Failed--Invalid Username or Password. No Matches Found.")
elseif session ("password") = "" then
response.redirect "????.asp?msg=" & server.urlencode("Login Failed--Invalid Username or Password")
else
any suggestions
Thanks