Sign up to save your podcasts
Or
Share JMS240: Secure User Authenticaion and Cryptographically Secure Tokens in PHP
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
JMS240: Secure User Authenticaion and Cryptographically Secure Tokens in PHP
A common problem in PHP is creating cryptographically secure tokens for user authentication. Think "remember me" and password reset features. Functions like rand(), mt_rand() and uniqid() simply aren't enough. And, without "resource-improbable" tokens... it's only a matter of time for a hacker to break your authentication and get int your application.
Fortunately, PHP 5.6 and 7 have added the necessary functions for us to creating cryptographically secure tokens, prevent timing attacks and mitigate data hacks. That latest in all this in this episode.
Show notes and sources: https://www.johnmorrisshow.com/240
View all episodes
By John Morris
4.8
2929 ratings
A common problem in PHP is creating cryptographically secure tokens for user authentication. Think "remember me" and password reset features. Functions like rand(), mt_rand() and uniqid() simply aren't enough. And, without "resource-improbable" tokens... it's only a matter of time for a hacker to break your authentication and get int your application.
Fortunately, PHP 5.6 and 7 have added the necessary functions for us to creating cryptographically secure tokens, prevent timing attacks and mitigate data hacks. That latest in all this in this episode.
Show notes and sources: https://www.johnmorrisshow.com/240