用于用户身份验证和密码安全的 PHP 最佳实践 [英] PHP best practices for user authentication and password security

问题描述

在不使用 CMS 或繁重框架的情况下，当前最好的库/方法是什么来验证用户身份?

What are the best current libraries/methods to authenticate users without the use of a CMS or heavy framework?

响应应包括您认为应被视为涉及用户身份验证的新 PHP 开发标准的任何建议.

Responses should include suggestions for anything you think should be considered the standard for new PHP development involving user authentication.

推荐答案

OpenID 是一种基于他们在雅虎、谷歌和 Flickr 等常用网络服务上的现有帐户.

OpenID is a method to authenticate users based on their existing accounts on common web services such as Yahoo, Google and Flickr.

登录到您的站点是基于成功登录到远程站点.

Logins to your site are based on a successful login to the remote site.

您不需要存储敏感的用户信息或使用 SSL 来保护用户登录.

You do not need to store sensitive user information or use SSL to secure user logins.

可以在此处找到该库的当前 PHP 版本.

A current PHP version of the library can be found here.

这篇关于用于用户身份验证和密码安全的 PHP 最佳实践的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！