Experts,
专家,
We want a more secure login system for our future projects, rather than using session states to tell if the user is logged in or not. If my understanding is correct, once a user is authenticated via forms authentication, a cookie is generated on the users machine. How secure is that? Is the cookie susceptible to a form of hijacking similar to session hijacking? What if the user doesn't accept cookies? Is there a better method I should take a look at?We want a more secure login sy