I have a PHP application where I’m the Admin and Developer. In order to troubleshoot users’ problems, I’m going to have to log in as them at times: I’m trying to figure out the most secure way to do this. One thought that I had was to have a cookie that I set in my own browser. Then, I could write a script that will automatically log me in using the just the user’s username (I don’t have access to the passwords since they’re encrypted) assuming that the browser cookie is available.
Does this seem like a secure approach? Or might there be a better way?
No it doesn’t. That approach provides a backdoor into everyone’s account which by definition is a security hole.
What would work without creating that hole would be if you add a change user option into the admin options that changes your access to that of the username you enter so that you switch from being logged in as administrator to being logged in as them. Of course to switch back you’d need to logout and log back in again.
Thank you! I’ll definitely follow your suggestion and implement that approach. Just out of curiosity though, why is this more secure than someone trying to “guess” a cookie in my browser. Assuming everything goes over https how could an attacker get hold of the cookie?
It is more secure because it requires actually logging in as administrator first rather than just having to obtain access to a cookie value such as by stealing your computer or breaking into your computer via the internet connection - even if they do either of those it still doesn’t give them access to anyone’s account - whereas if they get the cookie they have access to everyone’s account.
Thank you for clarifying the weaknesses in my first approach. Enjoy your weekend!
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.