Is it safe to log in with a link?

S

Space2018-02-08 09:05:13

Information Security

Space, 2018-02-08 09:05:13

Sometimes you need to log into someone else's system account to check that everything is working properly for the user. Laravel has such a function that you can log in to someone else's account by id.
The previous developers created a login link like site.com/loginvbng24fdsfs?id=1 , where id is a unique user number.
Is it safe to use this login or do I need to log into user accounts in some other way? Can attackers somehow recognize this link, for example, in the browser history?
Perhaps someone will tell you how to make a secure and FAST login to accounts. The password is encrypted, and it takes a long time to manually decrypt it each time for each user.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

Stalker_RED, 2018-02-08
@ruslite

Not safe. At least it's worth changing to post - fewer traces in the logs, and generally harder to attack. It is also desirable to check some additional parameters, such as "secret admin cookie" or entry in the session. And it's even better to cut out this possibility altogether - what a Middle Ages, damn it, instead of normal testing.