PUBLIC MARKS with tags php & password

This library is intended to provide forward compatibility with the password_* functions being worked on for PHP 5.5.

If you're a web developer, you've probably had to make a user account system. The most important aspect of a user account system is how user passwords are protected. User account databases are hacked frequently, so you absolutely must do something to protect your users' passwords if your website is ever breached. The best way to protect passwords is to employ salted password hashing. This page will explain how to do it properly.

This is a portable public domain password hashing framework for use in PHP applications. It is meant to work with PHP 3 and above, and it has actually been tested with at least PHP 3.0.18 through 5.3.0 so far.

在前幾篇文章介紹過 PHP 透過 Sudo 執行 root 指令，對於單行的指令沒有問題，但如果要執行 passwd 修改系統密碼的話便不行了。 要解決可以安裝 super 或 expert，而另一個方法是用非互動的方法修改密碼，但如果主機上有其他用戶可以放置他們的網頁，則不建議使用。以下是具體步驟: 1. 用 root 執行 visudo，加入以下一行: apache ALL=NOPASSWD:/usr/bin/passwd [A-z]*, !/usr/bin/passwd root

Ou comment bien sécuriser les mots de passe

An article about how to hash a password for a login script in php