#708 - Increase complexity of session IDs This is a spacer post for a website comment topic. The content this topic relates to: #708 - Increase complexity of session IDs By Guest posted 28th Jul 2012, 4:52 PM Do not fill this field in. Additionally, disabling "Enforce IP addresses for sessions" is bad because if someone does manage to intercept or steal your session ID, they can use that directly. They should not be able to do, but it is better safe than sorry. By Guest posted 29th Jan 2025, 12:42 PM Side note: Session ID complexity was increased even further in v11. In v10, IDs were 13 character hexadecimals (base 16). In v11, it has been increased to 13-character base 32 (0-9 and a-z except 0, o, 1, and l). 0 guests and 0 members have recently viewed this. Sort: Relevance Newest first Oldest first Rating Popularity
In v10, IDs were 13 character hexadecimals (base 16). In v11, it has been increased to 13-character base 32 (0-9 and a-z except 0, o, 1, and l).