Whenever we log into a website, the server and browser exchange a so-called session ID to identify the visit.
What kind of session ID might webmasters use to prevent hacking?
Yes! If a session ID is lengthy, unique, and difficult to guess, we'll have a hard time trying to hijack it.
Oh no! If a session ID is easily guessed, you can hijack it and access another user's visit.