用于用户身份验证和密码安全PHP的最佳实践 [英] PHP best practices for user authentication and password security

问题描述

什么是最好的当前资料库/方法不使用CMS或重的框架？

What are the best current libraries/methods to authenticate users without the use of a CMS or heavy framework?

响应应该包括任何你认为应考虑涉及用户认证的​​新PHP开发标准的建议。

Responses should include suggestions for anything you think should be considered the standard for new PHP development involving user authentication.

推荐答案

的OpenID 是基于共同的现有帐户验证用户​​身份的方法Web服务，如雅虎，谷歌和Flickr。

OpenID is a method to authenticate users based on their existing accounts on common web services such as Yahoo, Google and Flickr.

登录到您的网站是基于一个成功登录到远程站点。

Logins to your site are based on a successful login to the remote site.

您并不需要存储敏感的用户信息，或使用SSL来保护用户登录。

You do not need to store sensitive user information or use SSL to secure user logins.

库的最新版本的PHP可以发现这里。

A current PHP version of the library can be found here.

这篇关于用于用户身份验证和密码安全PHP的最佳实践的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！