I have been trying to make a secure login for my site that I am developing.
I just cant get it to work, I use MySQL databases with PHP.
I can make the form to add the user and their info to the database but I can’t seem to make it work with the login.
What type of encryption is used with HTML <input type="password">?
How do I keep the User logged in throughout their visit to my site?
I how do I securely check if it is the right password that matches the username?
I have been doing PHP for maybe a year now, I just haven’t learned this part yet so it would be nice to know.
None. The input is just masked to protect against “Looking at the monitor” attacks.
If you want security, transmit your data over HTTPS (HTTP with SSL).
Most people use cookies.
Securely?
Don’t use a shared server. Follow the normal steps for keeping data on that server secure. Store passwords as hashes, not as plain text.
Check?
Convert the submitted password to the matching hash, then compare as normal. Assuming you store the data in a database, just SELECT FROM users WHERE user=? AND password=? and count the number of rows you get back.