Please let me know if there is any way of doing this. Thanks in Advance Hello there, Why don't you use Session managment provided by and y...Session vs Cookie State management I have always been confused by this, even when I use PHP.ASPXAUTH=;") but nothing seems to be implemented and/or working for doing so in the server side.The final idea is that if someone steels that ticket In particular, I'm working in C# but as it's rellated to the Dotnet Framework any implementation of the solution would be OK; I tried all the possible things and nothing worked out, even invalidating the session but nothing. You are using authentication mode as forms right thats why your ticket is named .I have an application that uses forms authentication and a persistent cookie to log in users (admin and non-admin) .However, I believe that one of our admin passwords (to edit the site) was stolen. My problem is that the cookie created by the previous authentication should be sitting in a computer somewhere.
All this has led me to conclude that temporary cookies are managed in memory & are the way sessions are managed.You could also change the name of the cookie in the element of web.config so you'd ignore the old cookie, but this won't deter a determined hacker.And it will force all users of your site to reidentify themselves. Net Profiler Here is the situation with the customized profiler.// Nothing to do if the user is not yet authenticated if (! DLL" and there is a web site that is using this dll. Config for this website is as follow:'s request for superreview: Bug 220067: Cookie Manager: sort by Cookie Name should be case-insensitive
id=220067 Attachment 132082: Case insensitive sort for the cookie manager Group together domains in Tools|Cookie Manager|Manage Stored Cookies Name: crayon Product: Sea Monkey Summary: Group together domains in Tools|Cookie Manager|Manage Stored Cookies Comments: I would like to see the dialog "Tools|Cookie Manager|Manage Stored Cookies" enhanced by grouping together the domains so that all the cookies for one domain and be selected easily for deletion.
If you don't mind modifying your app, you could change it to check for cookies with an Issue Date older than the date you changed the password, and force the user to reidentify himself.