[eluser]Bramme[/eluser]
Hi all
Another quick question (though it deserves some attention, that's why I put it in a separate topic).
What are some best practices for a secure login on a website?
Here's the (current) plan:
- When a user account is created, the user chooses his password (min length, etc.).
- The backend prefixes it with a set salt from a config file and then hashes the entire string (salt + chosen pw) with sha1().
- The hash is saved in a MySQL database.
- When the user logs in, a query is sent in the form of "SELECT * FROM users WHERE username = 'username' AND password = 'hashedpw'" (where the hashedpw is of course the one from the login screen, prefixed with the salt).
- If num_rows=1, the username and hash are saved in a session (using the session library, with $config['sess_use_database'] = TRUE).
- On every refresh, the auth library checks whether the username and hash saved in the session exist in the database.
In the past I used to replace the last two steps with: if num_rows=1, set a session variable $_SESSION['loggedin'] = TRUE. On every refresh, I would merely check if $_SESSION['loggedin'] == TRUE.
I now realise that probably wasn't that safe :p However, is my current method okay, or should I add a random salt to the passwords too (that is then also saved in the database)?
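As an added illustration (example code, not from the post above or from CodeIgniter), the following PHP script contrasts the fixed config salt from the plan with a per-user random salt, and moves the password comparison out of the SQL WHERE clause into application code. It assumes an in-memory SQLite table standing in for the MySQL users table, and the salt value and usernames are constructed for the demo; password_hash() and password_verify() are standard PHP functions that generate and store a random per-user salt inside the hash string.

```php
<?php
// Added example, not code from the original post. Contrasts a single
// site-wide salt (sha1(salt . password)) with a per-user random salt, and
// keeps the password check out of the SQL statement entirely.
// Assumption: an in-memory SQLite table replaces the MySQL users table.

declare(strict_types=1);

// Scheme from the post: one salt from the config file for every account.
const SITE_SALT = 'example-config-salt'; // constructed value for the demo

function fixedSaltHash(string $password): string
{
    return sha1(SITE_SALT . $password);
}

// Per-user random salt: password_hash() draws a fresh salt for each call
// and embeds algorithm, cost and salt in the returned string.
function perUserHash(string $password): string
{
    return password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password TEXT)');

function createUser(PDO $db, string $username, string $password): void
{
    $stmt = $db->prepare('INSERT INTO users (username, password) VALUES (:u, :p)');
    $stmt->execute([':u' => $username, ':p' => perUserHash($password)]);
}

// Look the row up by username only (bound parameter, never interpolated);
// the hash comparison happens in PHP, so the submitted password is never
// part of the SQL text, and a hash leak does not double as a login token.
function login(PDO $db, string $username, string $password): ?int
{
    $stmt = $db->prepare('SELECT id, password FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password'])) {
        return null;
    }
    // In a real request: session_regenerate_id(true) here, then store only
    // the user id in the session (not the password hash). Omitted because
    // no session is active when this script runs on the CLI.
    return (int) $row['id'];
}

createUser($db, 'alice', 'correct horse'); // constructed test accounts
createUser($db, 'bob', 'correct horse');   // same password as alice

// Same password + same site-wide salt: identical hashes, so cracking one
// stored value reveals every account that shares the password.
echo "fixed salt, same password, same hash: ";
var_dump(fixedSaltHash('correct horse') === fixedSaltHash('correct horse'));

// Same password + per-user random salt: the stored hashes differ.
$rows = $db->query('SELECT username, password FROM users')->fetchAll(PDO::FETCH_KEY_PAIR);
echo "per-user salt, same password, same hash: ";
var_dump($rows['alice'] === $rows['bob']);

echo "login alice / correct password: ";
var_dump(login($db, 'alice', 'correct horse'));
echo "login alice / wrong password: ";
var_dump(login($db, 'alice', 'wrong'));
```

Run it with `php login_demo.php` on any PHP build with PDO SQLite enabled. The point for the question asked: with the fixed salt every user who picks the same password gets the same stored hash, so one precomputed table keyed on that salt covers all of them, whereas the per-user salt embedded by password_hash() makes each stored value unique without the application having to manage a separate salt column.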