I have an authorization system in PHP, where accounts with a certain security clearance can upload and download files. In the files directory, there is a .htaccess with a deny from all, and disabling PHP.
The security clearance is simply an entry in MySQL. How secure is this? And how can I add more security?
As long as you implemented it correctly, it is as secure as you’re going to need it to be.
If you want to make the password more secure you can do two passwords each of 255 characters. It will be incredibly close to impossible to crack by brute force.
Another thing you can do is record information about when somebody tries more than, say, 30 passwords without getting it right, and block their IP and store a cookie that tells you they are trying to hack and which account they were trying to access.
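For the setup described in the question (files behind a `deny from all` .htaccess, clearance stored in MySQL), the PHP script that hands out the files is where the access decision is made. The sketch below is an added example, not code from the original posts; the `accounts(id, clearance)` table, the `files` directory location, the threshold constant and all function names are assumptions.

```php
<?php
declare(strict_types=1);
// Assumed schema (not from the original post): accounts(id INT, clearance INT).
const FILES_DIR = __DIR__ . '/files';   // assumed location of the .htaccess-protected directory
const REQUIRED_CLEARANCE = 2;           // hypothetical threshold

/** Read the clearance from the database on every request, with a prepared statement. */
function clearance_of(PDO $db, int $accountId): int
{
    $stmt = $db->prepare('SELECT clearance FROM accounts WHERE id = ?');
    $stmt->execute([$accountId]);
    $value = $stmt->fetchColumn();
    return $value === false ? 0 : (int) $value;   // unknown account gets no clearance
}

/** Map a requested name to a real file inside $baseDir, or null if it does not stay there. */
function resolve_download(string $baseDir, string $name): ?string
{
    if ($name === '' || strpos($name, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $path === false || !is_file($path)) {
        return null;
    }
    // realpath() has resolved "../" and symlinks; the result must still sit under $base.
    return strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) === 0 ? $path : null;
}

/** Check clearance first, then the path; returns the HTTP status that was sent. */
function serve_download(PDO $db, ?int $accountId, string $name): int
{
    if ($accountId === null || clearance_of($db, $accountId) < REQUIRED_CLEARANCE) {
        http_response_code(403);
        return 403;
    }
    $path = resolve_download(FILES_DIR, $name);
    if ($path === null) {
        http_response_code(404);
        return 404;
    }
    header('Content-Type: application/octet-stream');   // never let the browser render uploads
    header('X-Content-Type-Options: nosniff');
    header("Content-Disposition: attachment; filename*=UTF-8''" . rawurlencode(basename($path)));
    readfile($path);
    return 200;
}
// Wiring (assumed: $db is a PDO connection, the login code stored an int in the session):
// session_start(); serve_download($db, $_SESSION['account_id'] ?? null, (string) ($_GET['file'] ?? ''));
```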