Possible Duplicate:
How to Securely Implement a “Remember Me” Feature?
I have a program that communicates with a server. The user must log in with the application which runs on their computer, the application will send their username and password to the server (over TLS of course) and the server will log them in.
I want to offer a "remember my username/password" feature, so that after logging in once, they don't have to log in any more, much like Dropbox or web browsers or many other programs do. How can I implement this securely? I have to send the actual password to the server, not the hash, so I can't store an hash, and if I encrypt it then I have the same problem with storing the key.
Forgive me if this is a duplicate, I searched and couldn't find one.