Hi, I'm learning PHP but still a newbie and I'm trying to jump ahead of myself as usual. Problem is with security - I'm paranoid about it. I've personally cracked the online security systems of many huge companies (AOL and Virgin to name a couple), and reported the faults to the relevant authorities of course, but the point is, I did it with almost no programming knowledge, just out of awareness, quick reactions, general computer literacy and a bit of arithmetic. Considering this, I've read a few tutorials and seen comments beneath them about certain code having been deprecated in favour of newer things, so you can see why I'm afraid to use the first script I find. Anyway, I'm still a newbie, so any knowledge/resources about secure PHP login methods would be much appreciated. Please share your skills and experience in this thread. The simpler the better, but please, don't compromise on security!
There are a few good tutorials about this. Try phpfreaks.com or http://www.digg.com/programming/HOW_TO:_Create_a_secure_PHP_login_script
http://www.google.co.uk/search?q=php+secure+login+script If you're really paranoid then look into Kerberos and other systems, but that's not for novices.
thanks for the links, those were the first things i found in google too. have you read the comments about them? they don't look promising! that's why i turned to the informative advice of this forum
You get what you pay for... If it's crucial, then hire a consultant. Otherwise, one of those, combined with a secure server, will do the job. Also see: http://pear.php.net/package/Auth/redirected And this thread about PKI: http://forums.digitalpoint.com/showthread.php?t=22807
i think better advice can be found for free on the internet than from a hired consultant who has direct monetary incentives to worry about. similar to lawyers - most will charge you 1000s for their garbage terms n conditions. same as most consultants in any industry. here, though, i'm looking for genuine, impartial advice and i believe that this forum has some experienced members who could consider giving it. the php.net link would be useful if i wanted to download a package and just press go, but i want the simple code that it's based on without too many misc bells. while the link to the other thread was an interesting read, it didn't contain the basic information i'm after. all i want is complete, simple, basics that don't lack security. i wonder if that's too much to desire...
No, that's not too much to desire, it's just nearly impossible to satisfy. Secure often != simple. Buying a solution means someone is accountable, that should settle your 'paranoia'. If you opt for 'open Source' you'll never know whether it's watertight. It probably never is. Remember the guy from England hacking into the US defense systems? There's no such thing as 100% secure. So your best bet is any of those simple scripts and then keeping in mind one day you WILL be hacked. Knowing that fact and planning in advance (don't keep sensitive data online, good backups, etc.) can spare you the paranoia.
Is that the BEST bet or a random and uninformed bet? I can see you're losing your patience with me. Thanks for the help so far though. I will of course be studying most of those scripts above but I'm just trying to make a better bet by asking here too...
This discussion is bound to become circular. The problem is that all login systems rely on a combination of user name and a password. You can make those of increased complexity. As the complexity grows, the difficulty of correctly guessing either one increases. However, the more complex the user name and password, the more likely it is to be tacked to a bulletin board near the user's desk. Clearly, no matter how good your system, you cannot protect it against human engineering. Partial protection would come from forcing your users to have static IP addresses and to only access your system from those IP addresses. One way around the complexity problem is to force users to use some kind of password-username manager program. This way user names and passwords could be massively complex -- dozens if not hundreds of "web safe" characters in length. You could beef up the system by directing all log-ins via secure pages -- https. Not all are the same strength, so shop around looking for the beefiest. MySQL is a theoretical problem. However, if you allow only a single user to access that specific MySQL database and that user is only allowed to do so from the localhost you will greatly cut down attack vectors. Make sure the user name and password are massively complex. Putting MySQL on a machine on a LAN behind a hardware firewall and with no other listening services and never accepting connections from outside the LAN would further improve security. As for the PHP entry page, you can improve login security by hiding the login form on a secret page. Make it more secure by creating a different secret page for each individual user and never accepting a connection from that user unless it comes through their secret page. Make sure there are no public links to that page or to the user pages. You could add an additional layer of complexity by saving a key value in a cookie placed on the user's computer each time they log in.
That value would never be duplicated from one user to the next nor from one session to the next. The value in the key could be used with the user's password and/or name to determine the value of a secret result stored in your MySQL database. If the value is correct the user gains access. If it is incorrect, the user is denied access. The best solution, however, is to not allow user access of any sort. You cannot be hacked -- even with luck and some math skills.
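Added example, not part of any post in this thread: one way to implement the per-session cookie key described in the post above, in PHP. The function names, the in-memory arrays standing in for MySQL tables, the cookie name `login_key` and the choice of an HMAC keyed with the stored password hash are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed in-memory stand-ins for the users and sessions tables (assumption:
// a real site would keep these in MySQL and query them with prepared statements).
$users = ['alice' => password_hash('correct horse battery staple', PASSWORD_DEFAULT)];
$sessions = [];

// The "secret result" kept server-side: an HMAC over user name and cookie key,
// keyed with the stored password hash, so the raw cookie value is never stored.
function secretResult(string $user, string $key, string $pwHash): string
{
    return hash_hmac('sha256', $user . '|' . $key, $pwHash);
}

// Check the password; on success mint a fresh random key for this session only.
function login(array $users, array &$sessions, string $user, string $password): ?string
{
    $pwHash = $users[$user] ?? null;
    if ($pwHash === null || !password_verify($password, $pwHash)) {
        return null;
    }
    $key = bin2hex(random_bytes(32)); // never repeats across users or sessions
    $sessions[$user] = secretResult($user, $key, $pwHash); // replaces any older session
    return $key; // the caller sends this to the browser as the cookie value
}

// Recompute the secret result from the presented cookie and compare in constant time.
function checkCookie(array $users, array $sessions, string $user, string $key): bool
{
    if (!isset($users[$user], $sessions[$user])) {
        return false;
    }
    return hash_equals($sessions[$user], secretResult($user, $key, $users[$user]));
}

$key = login($users, $sessions, 'alice', 'correct horse battery staple');
// On a live site the key would be sent over HTTPS only and hidden from scripts:
// setcookie('login_key', $key, ['secure' => true, 'httponly' => true, 'samesite' => 'Strict']);

var_dump(checkCookie($users, $sessions, 'alice', $key));                // the issued key
var_dump(checkCookie($users, $sessions, 'alice', str_repeat('0', 64))); // a guessed key
var_dump(login($users, $sessions, 'alice', 'wrong password'));          // a bad password
```

Because the stored value depends on the password hash, changing a user's password invalidates every cookie key issued before the change.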
some very useful comments there, thanks clancey. human error will always be the main weakness. i might try to limit the ISP (2 or 3 octets of the IP). IPs can still be spoofed though. i don't know much about https but i hear it costs money, and my site will be on a shared server at first so i can't do much for firewalls. separate hidden login pages for each user - i had a similar thought one time but never properly considered it. i think it has great potential. i think the cookies are a must for security, although i hear that the connection can be sniffed and the cookie can be caught from outside somehow. the best solution - not allowing any user access - i totally agree there too, but i must let my users log in because i'll be making websites for them and they want to update them, and it would save me a lot of work by letting them log in. one thing i've learnt recently though is that i have a lot to learn before i can make these log in things. i just learnt php a week or 2 ago and still haven't used my mysql database. thanks for all the wise comments though, i'll keep them in mind