posted 15 years ago
You could always hack the source code. But unless you have formal training in cryptology, I'd be very careful about "improving" their algorithm. Most "clever" amateur security schemes have basic fatal flaws in them. The industry-standard algorithms have all been mathematically vetted by pros. And even then occasionally a loophole gets discovered.
According to my estimate, the likelihood of anyone randomly constructing a sessionid identical to the one that JavaRanch is using for me is 37**32, which may not be a googol (sic), but it's close enough for all intents and purposes that given current CPU and network speeds, no one is likely to randomly hit on it in time to do any good (or harm).
Of far more import is whether or not you hide the sessionid by using https (encrypted) connections.
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
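Added example, not part of the original post: a sketch of the guessing estimate above, taking the 37-symbol alphabet and 32-character length from the post and assuming every character is drawn uniformly from a CSPRNG. The session counts, guess rates and the 6-character contrast case are constructed values.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def keyspace_bits(alphabet_size: int, length: int) -> float:
    """Upper bound on ID entropy in bits.

    Assumption: every character is drawn uniformly and independently from a
    CSPRNG. A predictable generator has far less entropy than this bound.
    """
    return length * math.log2(alphabet_size)


def hit_probability(alphabet_size: int, length: int,
                    live_sessions: int, guesses: int) -> float:
    """Chance that at least one of `guesses` random IDs matches any live session."""
    per_guess = live_sessions / alphabet_size ** length
    # 1 - (1 - p)**g, computed with log1p/expm1 so tiny p does not round to 0.
    return -math.expm1(guesses * math.log1p(-per_guess))


def years_to_even_odds(alphabet_size: int, length: int,
                       live_sessions: int, guesses_per_second: float) -> float:
    """Years of sustained guessing before a hit becomes a 50% chance."""
    per_guess = live_sessions / alphabet_size ** length
    guesses_needed = math.log(0.5) / math.log1p(-per_guess)
    return guesses_needed / guesses_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    # Constructed load figures: one million live sessions, 1e9 guesses/second.
    print(f"37^32 keyspace: {keyspace_bits(37, 32):.1f} bits")
    print(f"years to 50% hit: {years_to_even_odds(37, 32, 10**6, 1e9):.2e}")
    # Same alphabet, but a hypothetical 6-character ID for contrast.
    print(f"37^6 keyspace: {keyspace_bits(37, 6):.1f} bits")
    print(f"hit chance, 1000 sessions, 1e6 guesses: "
          f"{hit_probability(37, 6, 1000, 10**6):.3f}")
```

This covers blind guessing only; an ID sent over plain HTTP can be read off the wire regardless of its length, which is the post's point about https.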