Jump to content

Recommended Posts

Posted

Hey!

 

I joined heliohost a few hours ago and felt like making my first post a useful one. The links go to a dreamincode.net PHP tutorial on how to create a professional and (relatively) secure login script. Unfortunately, the last part of it is missing, but the plan is very well outlined in the first post so you will probably be able to figure out the rest.

 

http://www.dreamincode.net/forums/topic/54...in-design-pt-1/

http://www.dreamincode.net/forums/topic/54...gin-design-pt2/

 

Cbeppe.

Posted

Be aware of how they store passwords though... in the article, he stores them plaintext in an SQL database, and on the bottom he recommends using md5 encryption for passwords. This might be the easiest, but it's very vulnerable.

 

Other than that, it's a great link. Thanks.

 

Cbeppe.

Posted

you can add a secret string and md5() to password (bevore INSERT and SELECT)

 

$mypassword = mysql_real_escape_string($mypassword);

$sec_str = "b2Tz8Uk3EvkMx"; // just an example secret string

$mypassword = md5($mypassword.$sec_str);

 

this way the password is safer than md5() only

Posted

Your welcome :)

 

Yes, I recommend MD5 just to prevent hacking. You might also want to hash the MD5 a bit more with another method, to make it extra secure if you feel it is important for security to be at it's best (like running a free web host with 20,000 users :lol:).

 

MD5 is hard to reverse unless it is a dictionary word, making it a good hash but (as I said above) more encryption on the MD5 I think is available.

Posted

As bgcomuf said, use the

 

md5(salt+Password)

 

If you want more security ,then try:

 

md5(md5($salt).md5($pass))

or

md5($salt.md5($salt.$pass))

or

md5(md5($salt).$pass)

 

Also try SHA1,SHA-256.

---

Also The user should enter strong password.

Force the user to set strong password(with special character,case combination,numbers).

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...