Definition

session ID

TechTarget Contributor

By

TechTarget Contributor

A session ID is a unique number that a Web site's server assigns a specific user for the duration of that user's visit (session). The session ID can be stored as a cookie, form field, or URL (Uniform Resource Locator). Some Web servers generate session IDs by simply incrementing static numbers. However, most servers use algorithms that involve more complex methods, such as factoring in the date and time of the visit along with other variables defined by the server administrator.

Every time an Internet user visits a specific Web site, a new session ID is assigned. Closing a browser and then reopening and visiting the site again generates a new session ID. However, the same session ID is sometimes maintained as long as the browser is open, even if the user leaves the site in question and returns. In some cases, Web servers terminate a session and assign a new session ID after a few minutes of inactivity.

Session IDs, in their conventional form, do not offer secure Web browsing. Skilled hackers can acquire session IDs (a process called session prediction), and then masquerade as authorized users in a form of attack known as session hijacking.

This was last updated in January 2006

Continue Reading About session ID

David Endler discusses session IDs and explains how they can be exploited.

Jan Wolter offers a guide to Web authentication alternatives.

Dig Deeper on Agile, DevOps and software development methodologies

Cloud Computing

What does a cloud network engineer do?
A cloud network engineer juggles a number of responsibilities -- from network design and troubleshooting to learning about ...
3 rules to avoid high multi-cloud integration costs
When using multiple cloud providers, integration costs can grow quickly. To prevent billing surprises, enterprises must carefully...
Oracle databases in OCI now run on Microsoft Azure
A new partnership between two enterprise technology giants adds Oracle's hardware and software for Microsoft Azure customers, as ...

App Architecture

What to know about building microservices with ASP.NET Core
It's optimized for containerization, integrates with the cloud and works on multiple platforms. Does ASP.NET Core deserve a place...
Rust vs. C++: Differences and use cases
C++ was mature before Rust even existed. Does that mean developers should switch from C++ to Rust? Not always.
3 critical stops on the back-end developer roadmap
When it comes to acquiring the skills needed to be a proficient back-end developer, there are no shortcuts. Some of the topics to...

ITOperations

What Cisco's Splunk acquisition means for app modernization
Cisco's networking prowess and Splunk's data analytics power will now be under one roof. Here's what can IT teams expect with ...
The benefits of uniting product management with DevOps
If organizations can bring product managers deeper into the DevOps lifecycle, it can offer a competitive edge. But they must ...
Get started with Argo CD workflow examples for Kubernetes
Argo CD workflows can make managing Kubernetes clusters simpler and more efficient. Learn how to install Argo CD and set up an ...

TheServerSide.com

Idempotent HTTP methods and REST
The Hypertext Transport Protocol requires all HTTP verbs to identify as idempotent or not. But what is an idempotent method, and ...
Understanding TypeScript generics
Programming languages such as Java, C# and Swift use generics to create code that's reusable and enforce type safety. In this ...
5 tips and career advice for young tech professionals
Want to be taken seriously as the youngest member of a tech team? Start networking, don't be afraid to ask questions and polish ...

SearchAWS

AWS Control Tower aims to simplify multi-account management
Many organizations struggle to manage their vast collection of AWS accounts, but Control Tower can help. The service automates ...
Break down the Amazon EKS pricing model
There are several important variables within the Amazon EKS pricing model. Dig into the numbers to ensure you deploy the service ...
Compare EKS vs. self-managed Kubernetes on AWS
AWS users face a choice when deploying Kubernetes: run it themselves on EC2 or let Amazon do the heavy lifting with EKS. See ...

Close