The correct answer is: False
The value of a hidden form field can be easily read by anyone viewing the page source. An attacker can look through Web pages stored in a computer's cache and use or change the value in order to try to fraudulently access other information. The correct way to handle sensitive information is by using session variables or a temporary database record.
<< Back to quiz
This was first published in June 2005