hunt.shiro.mgt.AbstractRememberMeManager

Undocumented in source.

Members

Classes

AbstractRememberMeManager
class AbstractRememberMeManager

Abstract implementation of the RememberMeManager interface that handles serialization (see setSerializer(hunt.shiro.io.Serializer)) and encryption (see setCipherService) of the remembered user identity.

The remembered identity storage location and details are left to subclasses.

Default encryption key

This implementation uses an AesCipherService for strong encryption by default. It also uses a default generated symmetric key to both encrypt and decrypt data. As AES is a symmetric cipher, the same key is used to both encrypt and decrypt data, BUT NOTE:

Because Shiro is an open-source project, if anyone knew that you were using Shiro's default key, they could download/view the source, and with enough effort, reconstruct the key and decode encrypted data at will.

Of course, this key is only really used to encrypt the remembered PrincipalCollection, which is typically a user id or username. So if you do not consider that sensitive information, and you think the default key still makes things 'sufficiently difficult', then you can ignore this issue.

However, if you do feel this constitutes sensitive information, it is recommended that you provide your own key via the setCipherKey method, set to a key known only to your application, guaranteeing that no third party can decrypt your data. You can generate your own key by calling the CipherService's generateNewKey method (hunt.shiro.crypto.AesCipherService#generateNewKey()) and using that result as the cipherKey configuration attribute.
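The key handling recommended above, as an added stand-alone Go sketch rather than hunt.shiro code: an application-generated random key protects the remembered principal, and a blob sealed under it cannot be opened with any other key. The function names are hypothetical, and the use of AES-GCM is an assumption of this example (the page states only that AES is used).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// NewCipherKey returns a fresh random 128-bit key (the role generateNewKey plays above).
func NewCipherKey() ([]byte, error) {
	key := make([]byte, 16)
	_, err := rand.Read(key)
	return key, err
}

// NewAEAD builds an AES-GCM cipher; keys that are not 16, 24 or 32 bytes are rejected.
func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts a remembered principal; the random nonce is prepended to the output.
func Seal(aead cipher.AEAD, principal []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, principal, nil), nil
}

// Open decrypts a blob from Seal; a different key or a modified blob yields an error.
func Open(aead cipher.AEAD, blob []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(blob) < n {
		return nil, fmt.Errorf("blob shorter than the %d-byte nonce", n)
	}
	return aead.Open(nil, blob[:n], blob[n:], nil)
}

func main() {
	key, _ := NewCipherKey() // errors ignored only in this short demo
	aead, _ := NewAEAD(key)
	blob, _ := Seal(aead, []byte("alice")) // constructed sample principal
	fmt.Println(Open(aead, blob))
}
```

In a deployment the generated key would be created once, kept in the application's secret store, and loaded at startup, so that remembered identities survive restarts and are shared across instances.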
