by madjar 4965 days ago
The first answer mentions a couple of times that any token given to the user (for remember-me login or password reset) should be hashed in the database.

Would it be possible to replace the storing altogether by signing the token with some private key, so that the validity of the token can be checked without having to compare it to some stored value?

1 comment

Yes, you could use an HMAC for this; however, you need to keep the private key, well... private, which in practice is not easy. If the server is compromised, an attacker could steal the secret key and use it to generate signed cookies for any user. This method is also subject to replay attacks for the duration of the token's validity, though that is less relevant with SSL.

Whereas if only token hashes are stored in the database, then the entire database could be stolen and nobody can use it to generate valid cookies.

EDIT: Also, if an account goes rogue you have no way to invalidate its cookies, so you'll have to do a lookup for each request to see if the account is blocked.
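To make the trade-off in the comment above concrete, here is an added example (not code from the thread or from any project mentioned in it) that implements both designs in Python: a stateless HMAC-signed token with an expiry, and a random token whose SHA-256 hash is the only thing kept server-side. The key, the `TokenStore` class, the `user_id` values and the timestamps are all constructed for illustration. It shows that a copy of the store's rows cannot be turned back into a valid token, that whoever holds the HMAC key can mint a token for any user, and that revoking an account's tokens is a one-line operation in the stored-hash design but needs an extra lookup in the signed design.

```python
import base64
import binascii
import hashlib
import hmac
import secrets
import time
from typing import Dict, Optional, Tuple

# Constructed server-side key for the signed-token design. In a real
# deployment it would come from a secrets store, never from source code.
SERVER_KEY = secrets.token_bytes(32)


def _now(now: Optional[int]) -> int:
    # Callers pass an explicit clock so expiry behaviour is testable.
    return int(time.time()) if now is None else now


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


# --- Design 1: stateless token, integrity protected by an HMAC ------------

def issue_signed_token(user_id: str, ttl: int, key: bytes = SERVER_KEY,
                       now: Optional[int] = None) -> str:
    """Return '<b64 payload>.<b64 tag>' with tag = HMAC-SHA256(key, payload).
    Anyone who holds `key` can produce a token for any user id."""
    payload = f"{user_id}:{_now(now) + ttl}".encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)


def verify_signed_token(token: str, key: bytes = SERVER_KEY,
                        now: Optional[int] = None) -> Optional[str]:
    """Return the user id if tag and expiry check out, else None.
    Nothing is looked up server-side, so a blocked account is still
    accepted here unless the caller adds its own lookup (the revocation
    problem raised in the comment)."""
    try:
        payload_b64, tag_b64 = token.split(".")
        payload, tag = _unb64(payload_b64), _unb64(tag_b64)
    except (ValueError, binascii.Error):
        return None
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return None
    user_id, _, expiry = payload.decode(errors="replace").rpartition(":")
    if not expiry.isdigit() or _now(now) >= int(expiry):
        return None
    return user_id


# --- Design 2: random token, only its hash stored server-side -------------

class TokenStore:
    """Maps sha256(token) -> (user_id, expiry). The token carries 256 random
    bits, so an unsalted SHA-256 is enough: a reader of these rows cannot
    invert the hash or guess the token, and the hash itself is not accepted
    as a token."""

    def __init__(self) -> None:
        self._rows: Dict[str, Tuple[str, int]] = {}

    @staticmethod
    def _key(raw_token: str) -> str:
        return hashlib.sha256(raw_token.encode()).hexdigest()

    def issue(self, user_id: str, ttl: int, now: Optional[int] = None) -> str:
        raw_token = secrets.token_urlsafe(32)            # 256 random bits
        self._rows[self._key(raw_token)] = (user_id, _now(now) + ttl)
        return raw_token                                 # only the client keeps this

    def verify(self, raw_token: str, now: Optional[int] = None) -> Optional[str]:
        row = self._rows.get(self._key(raw_token))
        if row is None:
            return None
        user_id, expiry = row
        return user_id if _now(now) < expiry else None

    def revoke_user(self, user_id: str) -> int:
        """Drop every token of one account; returns how many were removed."""
        before = len(self._rows)
        self._rows = {h: r for h, r in self._rows.items() if r[0] != user_id}
        return before - len(self._rows)

    def leaked_rows(self) -> Dict[str, Tuple[str, int]]:
        """What someone with read access to the database would see."""
        return dict(self._rows)
```

In the signed design the only secret is `SERVER_KEY`, and `verify_signed_token` never touches storage, which is exactly why a blocked account keeps working until the token expires or a block-list lookup is added. In the stored-hash design the database holds nothing an attacker can present to `verify`, and `revoke_user` ends every session immediately.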