Posted to rec.crafts.metalworking
Roger Shoaf

New Harbor Freight website has MAJOR security hole!!!


"DoN. Nichols" wrote in message
...

If I were generating cookies which could be used to access
personal information, I would probably start with the process ID and the
unix raw date, with the digits interleaved by some pattern, and then run
an MD5 checksum on it to generate the actual cookie numbers. Depending
on how serious the stored data was, I would probably toss another few
randomizers into the game.


Seems to me (and I am no expert), that the ability to access personal info
should be blocked from cookie access. To get to that data you should have
to log in with password and ID. To do it otherwise seems to me to invite
trouble.

--

Roger Shoaf

About the time I had mastered getting the toothpaste back in the tube, then
they come up with this striped stuff.
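
An added example, not part of the original post or thread: the PID-and-time cookie from the quoted text next to a random cookie that, as the reply argues, cannot reach personal data without a password login. The interleave pattern, the `Site` class, the PID range, the PBKDF2 work factor and the 15-minute window are all assumptions made for illustration.

```python
import hashlib, hmac, math, os, secrets, time

REAUTH_WINDOW = 900      # seconds a password login stays valid (assumed policy)
PBKDF2_ROUNDS = 200_000  # assumed work factor

def pid_time_token(pid: int, unix_time: int) -> str:
    """Cookie scheme from the quoted text; alternating interleave is an assumption."""
    t = str(unix_time)
    p = str(pid).rjust(len(t), "0")
    return hashlib.md5("".join(a + b for a, b in zip(p, t)).encode()).hexdigest()

def pid_time_entropy_bits(pid_max: int = 32768, window_s: int = 86400) -> float:
    """Uncertainty in the inputs when the day of issue is known; hashing adds none."""
    return math.log2(pid_max * window_s)

def _hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

class Site:
    def __init__(self):
        self._users = {}     # user id -> (salt, password hash, personal info)
        self._sessions = {}  # cookie -> {"user": id or None, "auth_at": float}

    def register(self, user, password, info):
        salt = os.urandom(16)
        self._users[user] = (salt, _hash_pw(password, salt), info)

    def new_cookie(self):
        cookie = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._sessions[cookie] = {"user": None, "auth_at": 0.0}
        return cookie

    def login(self, cookie, user, password, now=None):
        rec = self._users.get(user)
        if rec is None or cookie not in self._sessions:
            return None
        if not hmac.compare_digest(rec[1], _hash_pw(password, rec[0])):
            return None
        del self._sessions[cookie]  # rotate the cookie on login (no fixation)
        fresh = secrets.token_urlsafe(32)
        self._sessions[fresh] = {"user": user, "auth_at": time.time() if now is None else now}
        return fresh

    def personal_info(self, cookie, now=None):
        sess = self._sessions.get(cookie)
        now = time.time() if now is None else now
        if not sess or sess["user"] is None or now - sess["auth_at"] > REAUTH_WINDOW:
            return None  # a cookie alone never unlocks personal data
        return self._users[sess["user"]][2]
```

With the assumed defaults the PID-and-time inputs carry about 31 bits of uncertainty, against 256 bits for the random cookie.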