Avoiding Remember me security issues
How do you avoid session hijacking and other problems with "remember me" on logins? One thing I know is to add an md5 of the user agent, but that isn't very good protection in itself... is there something else too?
My general rule is: Do not incorporate such an option in an application where the user's login would be more important than the loss of their computer itself.
So... StackOverflow.com account? No biggie; if I lose my computer, that won't be among the things I'm really worrying about.
OTOH... my online banking account? No way I want anything on my computer beyond the mere presence of a bookmark to help anyone gain access to that account.
My opinion is that the other things are OK if you have the time/effort, but their effectiveness isn't all that great when you consider that the real, ultimate problem would be someone who has literally gained possession of their computer.
p.s.: Please consider voting this answer up/accepting it as your answer if it's useful to you.
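The question mentions hashing the user agent into the remember-me token, and the answer above treats such measures as optional hardening. As an added example that is not part of the original question or answer, here is a minimal remember-me scheme in Python that shows what the usual stronger measures look like: the cookie is split into a random selector (used for the database lookup) and a random validator (only its hash is stored, so a leaked table cannot be turned into valid cookies), the validator is compared in constant time, tokens expire, a cookie is rotated every time it is accepted, and a wrong validator for a known selector is treated as a stolen-cookie signal that revokes every token of that user. The user-agent check from the question is included as a secondary check only, since the header is attacker-controlled. `TOKEN_STORE`, `TOKEN_TTL` and the function names are assumptions of this example; the store is an in-memory dict standing in for a database table.

```python
import hashlib
import hmac
import secrets
import time

# Constructed in-memory stand-in for a table
# remember_tokens(selector PK, user_id, validator_hash, ua_hash, expires_at)
TOKEN_STORE = {}
TOKEN_TTL = 30 * 24 * 3600  # 30 days, an assumed policy value


def _digest(value: str) -> str:
    """SHA-256 hex digest; used so secrets never sit in the store in the clear."""
    return hashlib.sha256(value.encode("utf-8")).hexdigest()


def issue_token(user_id, user_agent, now=None):
    """Create a new remember-me cookie value of the form 'selector:validator'.

    The selector is the lookup key; the validator is the actual secret and is
    stored only as a hash, so a read-only database leak does not yield cookies.
    """
    now = time.time() if now is None else now
    selector = secrets.token_urlsafe(12)
    validator = secrets.token_urlsafe(32)
    TOKEN_STORE[selector] = {
        "user_id": user_id,
        "validator_hash": _digest(validator),
        "ua_hash": _digest(user_agent),
        "expires_at": now + TOKEN_TTL,
    }
    return f"{selector}:{validator}"


def revoke_all(user_id):
    """Drop every remember-me token belonging to one user (theft response)."""
    for sel in [s for s, row in TOKEN_STORE.items() if row["user_id"] == user_id]:
        del TOKEN_STORE[sel]


def check_token(cookie, user_agent, now=None):
    """Validate a cookie. Returns (user_id, fresh_cookie) or None.

    - lookup by selector, so the secret part never drives a DB query;
    - constant-time compare of the validator hash;
    - a known selector with a wrong validator means someone holds a copy of
      the cookie: revoke all of that user's tokens;
    - on success the token is rotated, so a later replay of the old cookie
      (by a thief or by the victim) simply fails instead of logging in.
    """
    now = time.time() if now is None else now
    if ":" not in cookie:
        return None
    selector, validator = cookie.split(":", 1)
    row = TOKEN_STORE.get(selector)
    if row is None:
        return None
    if now > row["expires_at"]:
        del TOKEN_STORE[selector]
        return None
    if not hmac.compare_digest(row["validator_hash"], _digest(validator)):
        revoke_all(row["user_id"])
        return None
    # Secondary check only: the header is chosen by the client, so a thief who
    # also copied the user agent passes it. It mostly stops casual reuse.
    if not hmac.compare_digest(row["ua_hash"], _digest(user_agent)):
        return None
    user_id = row["user_id"]
    del TOKEN_STORE[selector]  # rotate: old cookie is now worthless
    return user_id, issue_token(user_id, user_agent, now=now)


if __name__ == "__main__":
    ua = "Mozilla/5.0 (constructed sample user agent)"
    cookie = issue_token(42, ua)
    print("first check:", check_token(cookie, ua))  # (42, '<new cookie>')
    print("replay of rotated cookie:", check_token(cookie, ua))  # None
```

The cookie itself should still be sent with `Secure`, `HttpOnly` and a `SameSite` attribute, and the store should be keyed so that a user can list and revoke their own remembered devices; none of that changes the logic above.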