Remember Me Check box: To Store authentication information safely?
I am writing a client side HTML page with jQuery that calls web services for various activities on a server with a database.
I have a login page that asks for the usual username/password and I want to add a "Remember Me" checkbox. I was wondering what is the best way to store that information (username/password)? Are cookies a safe practice?
Don't save either the user or the password. It's your site, you don't need them to validate a user if you make the appropriate arrangements:
Create a new database table to store remembered log-ins with at least:
- A long unique random ID
- The user ID
When the user checks the Remember Me box, generate a new entry and send back the long random ID.
When you receive a request from an anonymous user, check for the cookie and, if appropriate, log him in.
You can combine this with any additional security checks you consider (store dates to remove old logins, IP checks...), but that's the general idea.
Yes, you have to use cookies, but only for storing a user/session identifier.
All the data (is user permanently logged in? etc.) should be stored in database.
You should NEVER store passwords in cookies.
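The scheme described in the answers above (a table of long random IDs mapped to user IDs, with only the ID placed in the cookie), as an added example that is not part of the original posts. The SQLite table, the column names, the cookie name `remember` and the 30-day lifetime are assumptions; storing only a SHA-256 digest of the ID and replacing the ID on every use go beyond what the answers state.

```python
import hashlib
import secrets
import sqlite3
import time

TTL_SECONDS = 30 * 24 * 3600  # assumed 30-day lifetime for a remembered login

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE remembered_logins (
        token_hash TEXT PRIMARY KEY,  -- SHA-256 of the random ID, not the ID itself
        user_id    INTEGER NOT NULL,
        expires_at REAL NOT NULL)""")
    return db

def _digest(token):
    return hashlib.sha256(token.encode()).hexdigest()

def remember(db, user_id, now=None):
    """Called when the user logs in with Remember Me checked; returns the cookie value."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    db.execute("INSERT INTO remembered_logins VALUES (?, ?, ?)",
               (_digest(token), user_id, now + TTL_SECONDS))
    return token

def login_from_cookie(db, token, now=None):
    """Returns (user_id, replacement_token) or (None, None) for an anonymous request."""
    now = time.time() if now is None else now
    db.execute("DELETE FROM remembered_logins WHERE expires_at <= ?", (now,))
    row = db.execute("SELECT user_id FROM remembered_logins WHERE token_hash = ?",
                     (_digest(token or ""),)).fetchone()
    if row is None:
        return None, None
    # Rotate: the presented ID is single-use, so a copied cookie stops working
    # after the next legitimate visit.
    db.execute("DELETE FROM remembered_logins WHERE token_hash = ?", (_digest(token),))
    return row[0], remember(db, row[0], now)

def forget(db, user_id):
    """Logout or password change: drop every remembered login for the user."""
    db.execute("DELETE FROM remembered_logins WHERE user_id = ?", (user_id,))

def cookie_header(token):
    # Cookie name "remember" is assumed. Flags keep the ID away from page
    # scripts (HttpOnly) and off plain HTTP (Secure).
    return (f"Set-Cookie: remember={token}; Max-Age={TTL_SECONDS}; "
            "Path=/; Secure; HttpOnly; SameSite=Lax")
```

Because the table holds only digests, a leaked copy of the database does not hand out usable cookie values.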