User Login System

@kiwisFeb 08.2021

Seems like a basic bit of function but I’ve never needed to write one.

My question is around storing of passwords in MySQL, what’s the best practice and how do you compare when logging in?

Is this best practice?
https://www.php.net/manual/en/function.password-hash.php

And do store and compare is it as simple as…

`$passwordToSave = password_hash(“users-password”, PASSWORD_BCRYPT, $options);`

And

`$row[‘storedPassword’] == password_hash(“logging-in-password”, PASSWORD_BCRYPT, $options);`

to post a comment

PHP

7 Comments(s) _↴

@NogDogFeb 08.2021 — #I've not used that particular PHP function (that's not a negative, just a fact :) ), but yeah, the general idea is to store the hash of the password in the DB, since a good hash is very difficult to decrypt. Then to verify a login, you hash the incoming password in the same manner and see if it matches what was stored in the DB. Tip: make sure the character field you store it in is large enough to contain the entire hash for whichever type of hashing you choose to use.

@VITSUSAFeb 09.2021 — #@kiwis80#1627731 You can use it, and if you search on Google there you can so many other options as well.

@kiwisauthorFeb 09.2021 — #@VITSUSA#1627741

if you're contribution to this great forum is "google it" why bother participating.

Much like on this thread of mine where you didn't even bother to read my post and asked for an error message - https://www.webdeveloper.com/d/392650-get-posted-fetch-data/2

@VITSUSAFeb 10.2021 — #@kiwis80#1627766 I think you should read my comment carefully, as I have mentioned "you can use it" and to find another way you can Google it because there are so many ways you can find it to solve this problem.

For this thread - If there is no error so why your code is not working?

@nihitthakkarFeb 11.2021 — #The most secure way to store passwords in is to use a password manager. Some of them are:

1. KeePass

2. Dashlane

3. Sticky Password

4. RoboForm

5. Bitwarden

6. LastPass.

@nihitthakkarFeb 11.2021 — #A user login system is a collection of credentials used to authenticate a user. Most often, it consist of a username and password. However, it differs according to different needs the admin wants to know the details. The information is sent to the authentication server where the information is compared with all the user credentials on file. After that the system will authenticate users and grant them access to their accounts.

@marksmith121Feb 12.2021 — #Smartly, MySQL doesn't store passwords as plaintext, but rather, as a hashed value that is calculated by the Password() function. A hash is a special one-way encryption algorithm that produces an encrypted value for a given string. ... MD5 creates a hash string of 32 hex digits.

Also in #PHP _↴

Header() Question xml rendering in php WHY! session error -.-

Success!

Help @kiwis spread the word by sharing this article on Twitter...

Tweet This

about: ({
version: 0.1.9 — BETA 4.26,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});

changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...

recent_tips: (
tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,

tipper: @Samric24,
tipped: article
amount: 1000 SATS,
)...

User Login System

7 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

User Login System

7 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

7 Comments(s) _↴

Also in #PHP _↴