I am using PHP/CodeIgniter and Tank_Auth library for authentication both on site.com and via the API, and a very basic REST API from Phil Sturgeon.
Right now, when a user fills in username/password on Site1, it makes an API call like so:
http://site2.com/api/index/authenticate?username=jdoe&password=123456
On Site2.com, index/authenticate uses the tank_auth library to compare the username/password to what is stored in the database.
My Question:
Is there a standard to encrypt the password during submission and then decrypt on the other side? Or would an SSL certificate be sufficient?
How about creating a hash of the 2 with some "salt", passing that in the query string, then making sure it matches by running the same hash on the 2nd server.
Make sure you keep the salt secret… not too sure about passing this in GET, especially passwords – maybe you could pass a separate id hash instead of the password. Definitely use POST though, and ideally SSL. The more you can obfuscate/encrypt, the more secure this will be.
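The keyed-hash-over-POST idea from the answer above, written out as an added example (not code from the question, Tank_Auth, or the REST library). It assumes Site1 and Site2 share a secret out of band (API_SECRET is a placeholder) and goes slightly beyond the answer by adding a timestamp and nonce so Site2 can also reject replayed requests; the password itself still travels only in the POST body over HTTPS.

```php
<?php
// Added example: HMAC-signed authenticate request between Site1 and Site2.
// API_SECRET is an assumed shared secret, not a value from the original post.
const API_SECRET = 'replace-with-a-long-random-shared-secret';
const MAX_SKEW = 300; // seconds a signed request stays acceptable

// Site1: sign every field Site2 will rely on with a keyed MAC, not a bare hash.
function sign_request(array $fields, string $secret): array {
    $fields['ts'] = time();
    $fields['nonce'] = bin2hex(random_bytes(16));
    ksort($fields);
    $fields['sig'] = hash_hmac('sha256', http_build_query($fields), $secret);
    return $fields;
}

// Site2: verify before passing username/password on to tank_auth.
// $seen_nonces stands in for a persistent store (cache/DB) of used nonces.
function verify_request(array $fields, string $secret, array &$seen_nonces): bool {
    if (!isset($fields['sig'], $fields['ts'], $fields['nonce'])) return false;
    $sig = $fields['sig'];
    unset($fields['sig']);
    ksort($fields);
    $expected = hash_hmac('sha256', http_build_query($fields), $secret);
    if (!hash_equals($expected, $sig)) return false;              // constant-time compare
    if (abs(time() - (int)$fields['ts']) > MAX_SKEW) return false; // stale request
    if (isset($seen_nonces[$fields['nonce']])) return false;       // replayed request
    $seen_nonces[$fields['nonce']] = true;
    return true;
}

// Site1: POST the signed body over HTTPS with certificate verification on.
function send_authenticate(string $url, string $user, string $pass) {
    $body = sign_request(['username' => $user, 'password' => $pass], API_SECRET);
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => http_build_query($body),
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2,
    ]);
    $resp = curl_exec($ch);
    curl_close($ch);
    return $resp;
}

// Offline check of the verifier: first call is accepted, the repeat is rejected as a replay.
$seen = [];
$req = sign_request(['username' => 'jdoe', 'password' => '123456'], API_SECRET);
var_dump(verify_request($req, API_SECRET, $seen));
var_dump(verify_request($req, API_SECRET, $seen));
```

On Site2 the CodeIgniter controller would run verify_request($this->input->post(), API_SECRET, $store) and only then call tank_auth's login with the posted credentials.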