Ian Bicking: the old part of his blog


Because hashed passwords are hard to work with. Frequently a password is stored in a hashed form, so you'd have to be sure to hash the cookie in the exact same way, or do some sort of double-hashing. There are also many situations where you need the actual password to authenticate the person.

I have thought about storing some more arbitrary authentication, though -- basically hashing the username with a secret key. Then this would take the place of a password -- we'd rely on the fact that sometime in the past (when we originally set the cookie) the user had authenticated themself, and this the signed hash proves it is the same user. (Well, actually just the same browser, but that's a different issue)

If you store the password you also allow a person to implicitly invalidate persistent logins by changing the account's password.
Comment on Homebrew encryption
by Ian Bicking