Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am looking for the best most recent way to secure access to a website with a database. The website is built in PHP and Mysql. Currently, I’m thinking of using md5 and salt or blowfish and salt.
I don’t have a ssl server yet so I am not looking at that. I just need to make sure the data is safe.
This may not be entirely helpful, but if you’re trying to secure access generically, it’s probably best to use Apache mod_auth or something similar at the server level rather than trying to write your own authentication system.
Even if you do choose to use a php/mysql authentication system, I’d still advise you not to write your own, but to use a framework (symfony, etc.) or package that has these capabilities built in.
Securing authentication to a website properly is a very large subject with many pitfalls and I’d say it’s far better to work with an accepted standard vs. rolling your own.