Close

December 13, 2017

JMS240: Secure User Authenticaion and Cryptographically Secure Tokens in PHP

A common problem in PHP is creating cryptographically secure tokens for user authentication. Think “remember me” and password reset features. Functions like rand(), mt_rand() and uniqid() simply aren’t enough. And, without “resource-improbable” tokens… it’s only a matter of time for a hacker to break your authentication and get int your application.

Fortunately, PHP 5.6 and 7 have added the necessary functions for us to creating cryptographically secure tokens, prevent timing attacks and mitigate data hacks. That latest in all this in this episode.

Listen here:

Sources

Rate and Review the Podcast

If you leave a rating and review of the podcast, I’d really appreciate it. It’s the main way more people find out about it which allows me to bring even more value to you as a listener. I believe that so much I’ll even give you Module 1 of my PHP 101 course for FREE if you leave me an honest review. Get the details on that here: https://www.johnmorrisshow.com/start-here.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.