Abstract: Credentials for an account on a remote server requiring credentialed access by a client device are created, credentials are transmitted to the remote server, and response data including the credentials is received from the remote server, while restricting access to the credentials by the client device at all times. Session data transmitted by the remote server is also restricted from the client device to prevent side loading of session secrets onto client devices that may be used to attempt to gain unauthorized access to the remote server. Cookies are used to allow the client device to access more than one remote server without having to authenticate individually to each remote server.

Abstract: Credentials for an account on a remote server requiring credentialed access by a client device are created, credentials are transmitted to the remote server, and response data including the credentials is received from the remote server, while restricting access to the credentials by the client device at all times. Session data transmitted by the remote server is also restricted from the client device to prevent side loading of session secrets onto client devices that may be used to attempt to gain unauthorized access to the remote server. Cookies are used to allow the client device to access more than remote server without having to authenticate individually to each remote server.