Sign up to save your podcasts
Or
Share JMS240: Secure User Authenticaion and Cryptographically Secure Tokens in PHP
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
JMS240: Secure User Authenticaion and Cryptographically Secure Tokens in PHP
A common problem in PHP is creating cryptographically secure tokens for user authentication. Think "remember me" and password reset features. Functions like rand(), mt_rand() and uniqid() simply aren't enough. And, without "resource-improbable" tokens... it's only a matter of time for a hacker to break your authentication and get int your application.Fortunately, PHP 5.6 and 7 have added the necessary functions for us to creating cryptographically secure tokens, prevent timing attacks and mitigate data hacks. That latest in all this in this episode.Show notes and sources: https://www.johnmorrisshow.com/240
Hosted on Acast. See acast.com/privacy for more information.
View all episodes
By John Morris
4.8
2929 ratings
A common problem in PHP is creating cryptographically secure tokens for user authentication. Think "remember me" and password reset features. Functions like rand(), mt_rand() and uniqid() simply aren't enough. And, without "resource-improbable" tokens... it's only a matter of time for a hacker to break your authentication and get int your application.Fortunately, PHP 5.6 and 7 have added the necessary functions for us to creating cryptographically secure tokens, prevent timing attacks and mitigate data hacks. That latest in all this in this episode.Show notes and sources: https://www.johnmorrisshow.com/240
Hosted on Acast. See acast.com/privacy for more information.