php auth

Simple authentication system for PHP. Designed to allow secure logins without https
This is a simple PHP system for securely authenticating users against a MySQL database.
  • Passwords stored as md5 hashes
  • Client sends hashed passwords
    • o When login script is accessed, it generates a challenge that is stored in a session variable and sent to the client. When the client submits the form, the script uses this challenge value to compute a one way hash of the password's md5 hash, and blanks the password field to prevent it from being sent. The challenge is not sent back to the server. o The server script computes the the same hash from the md5 hash in the database and the challenge value stored in the session variable.
  • OATH compliant HOTP tokens
  • Stylesheet
    • o Login form utilizes CSS id and class tags to be fully customizable
  • Ability to be included in other pages
    • o The login form can be utilized stand-alone, or included in another page with zero modification.
  • Configurable logging of events:
    • o Successful logins o Failed logins, o Logouts o Page accesses.
current version: 1.3.1
Date Added: Feb 8th, 2010
Filed in: projects » PHP Scripts » PHP Class Scripts » User Management
Publisher: jooria
Contact Info: Send a Message to jooria
the team: view the project Peoples
0 points ( 0% like it)

0 up votes 0 down votes
I Use It - simple:
0 person is using this project