peoppenheimer: For I am a Bear of Very Little Brain. (bear)
peoppenheimer ([personal profile] peoppenheimer) wrote in [community profile] getting_started2011-05-17 10:55 pm
  • Add Memory
  • Share This Entry
  • Current Mood: curious

Bind cookie to IP address

The login page has a login option to bind cookie to IP address. If there's a help FAQ about this, please direct this bear of little brain to it. Otherwise, I'd be grateful for a bit more explanation.
Flat | Top-Level Comments Only
zdashamber: painting - a frog wearing a bandanna (Default)

[personal profile] zdashamber 2011-05-18 07:38 am (UTC)(link)
I'm not sure if there's a FAQ about it, of if this answers your question, but in an effort to be helpful: I think the idea is that if you bind the cookie to the IP address, you will only remain logged in from the point of view of that internet connection. So if you go to a friend's house or the library, where you have a different IP address, then you will not be logged in.
pne: A picture of a plush toy, halfway between a duck and a platypus, with a green body and a yellow bill and feet. (Default)

[personal profile] pne 2011-05-18 11:45 am (UTC)(link)
So if you go to a friend's house or the library, where you have a different IP address, then you will not be logged in.

Even if you use the same computer (e.g. you take your laptop along and use somebody else's wi-fi).

Depending on your internet connection, it might not even work from day to day; some Internet providers make you reconnect regularly (e.g. every 24 hours, at the latest) and give you a new IP address each time you reconnect.

The main idea, though, I think, is a security thing. If somebody steals a login cookie (by listening in on the wire - even easier if the "wire" is the air, if you're on wi-fi), they can basically log in as you. But if the cookie is tied to your IP address, they can't do that any more since their IP address will be different and the cookie they stole won't "work" for that connection.
peoppenheimer: A photo of Paul Oppenheimer at the Australasian Association of Philosophy meeting. (Default)

[personal profile] peoppenheimer 2011-05-19 12:24 am (UTC)(link)
Thanks to you both. Examination of the cookies reveals that none of them contains an IP address, unless it's encrypted. However, after having logged out of all sessions and deleted all cookies, I am no longer seeing the option of binding the cookie to the IP address, so I can't perform the experiment of creating new cookies to see whether they contain an IP address. In any case, both of your replies were helpful.
azurelunatic: Vivid pink Alaskan wild rose. (Default)

[personal profile] azurelunatic 2011-05-19 05:35 am (UTC)(link)
It wouldn't have to be stored on your end: on Dreamwidth's end, it can just say "this login cookie should only be used by that IP address" and go from there.
peoppenheimer: A photo of Paul Oppenheimer at the Australasian Association of Philosophy meeting. (Default)

[personal profile] peoppenheimer 2011-05-19 06:10 am (UTC)(link)
Yes, indeed. Thank you.
azurelunatic: Vivid pink Alaskan wild rose. (Default)

[personal profile] azurelunatic 2011-05-19 05:35 am (UTC)(link)
Unless they're also behind your router, of course.
pne: A picture of a plush toy, halfway between a duck and a platypus, with a green body and a yellow bill and feet. (Default)

[personal profile] pne 2011-05-19 07:01 am (UTC)(link)
True; I hadn't been thinking of NAT situations.
Flat | Top-Level Comments Only