subject:"\[PHP\-DB\] Safe \/ Secure Login Script"

Re: [PHP-DB] Safe / Secure Login Script

2004-10-05 Thread Gavin Amm

Sorry, I always forget to reply all... Original message bellow... -Original Message- From: Gavin Amm Sent: Tuesday, 5 October 2004 3:55 PM Subject: RE: [PHP-DB] Safe / Secure Login Script 1. Personal preference, but you may find sessions a better option (does not store user data (like

Re: [PHP-DB] Safe / Secure Login Script

2004-10-05 Thread Brian

You should definately not set a cooking containing the encrypted password, anyone that's able to grab that cookie can set to work brute forcing the password. On Sun, 3 Oct 2004 13:11:00 -0700, Wendell Frohwein <[EMAIL PROTECTED]> wrote: > I have been writing php code for about 2 years now. I have

Re: [PHP-DB] Safe / Secure Login Script

2004-10-04 Thread Andrew Kreps

On Sun, 3 Oct 2004 13:11:00 -0700, Wendell Frohwein <[EMAIL PROTECTED]> wrote: > 10.) At wait.php, a cookie is set containing the user id, user name, and > encrypted pass. I don't know that I would set a cookie containing such easily identifiable information, especially if the user name is clearte

[PHP-DB] Safe / Secure Login Script

2004-10-03 Thread Wendell Frohwein

I have been writing php code for about 2 years now. I have a login script that I have written for my clients. I just would like to know if there is a better / safer way of logging people into websites. This is my current method. 1.) Username and Password are entered in an html / php form usin