johnmorrisshow.com
JMS240: Secure User Authenticaion and Cryptographically Secure Tokens in PHP
A common problem in PHP is creating cryptographically secure tokens for user authentication. Think “remember me” and password reset features. Functions like rand(), mt_rand() and uniqid() simply aren’t enough. And, without “resource-improbable” tokens… it’s only a matter of time for a hacker to break your authentication and get int your application. Fortunately, PHP 5.6 and […]