
secure log in


cfemocha


I've been creating login pages by matching the username and password against the database, and I'm just wondering how a secure login form differs from the method I've been using?

How would I create a secure login/registration form?

any help is appreciated.
Thank you.

QUOTE(cfemocha @ Mar 9 2006, 02:02 PM)
I've been creating login pages by matching the username and password against the database, and I'm just wondering how a secure login form differs from the method I've been using?

How would I create a secure login/registration form?

Any help is appreciated.
Thank you.
[/quote]

I would imagine that you would put the login pages on the https side of your server, so your login page might be https://www.yoursite.com/login.php, as I believe everything that's done over https is encrypted.

The other problem you would have, though, is that the data stored in the database wouldn't be encrypted, so you would probably need to find an encryption script to encrypt the password before it is stored in the database, then decrypt the password when someone tries to log in.

So basically the https would mean the data transferred from the user's browser to your server would be encrypted, and the password in the database would be encrypted also.
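The "put the login page on the https side" advice in the reply above, as an added example that is not code from the thread: a short PHP prologue for login.php that bounces plain-HTTP requests to the HTTPS URL and marks the session cookie as HTTPS-only. It assumes a standard Apache/nginx PHP setup that populates $_SERVER['HTTPS'] when TLS is in use, and the hostname www.yoursite.com from the reply is a placeholder.

```php
<?php
// Added example, not from the thread. Enforce HTTPS on the login page and
// keep the session cookie off plain HTTP. Hostname is a placeholder taken
// from the reply above; replace it with your own configured host rather
// than echoing $_SERVER['HTTP_HOST'], which an attacker can set.
const SITE_HOST = 'www.yoursite.com';   // assumed hostname

function is_https(): bool
{
    // Apache sets HTTPS to "on"; some SAPIs set "1"; absent or "off" is plain HTTP.
    return !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
}

function require_https(): void
{
    if (is_https()) {
        // Tell browsers to use HTTPS for this host from now on (one year).
        header('Strict-Transport-Security: max-age=31536000');
        return;
    }
    // Redirect before any form is rendered, so the password is never typed
    // into a page whose form would POST over plain HTTP.
    $uri = $_SERVER['REQUEST_URI'] ?? '/login.php';
    header('Location: https://' . SITE_HOST . $uri, true, 301);
    exit;
}

require_https();

// Session cookie flags: only sent over HTTPS, not readable from JavaScript,
// and not attached to cross-site requests (PHP >= 7.3 array form).
session_set_cookie_params([
    'secure'   => true,
    'httponly' => true,
    'samesite' => 'Lax',
]);
session_start();

// ... the login form and its handler follow here.
```

The redirect only protects the login page itself; the pages a logged-in user visits afterwards carry the session cookie, so the `secure` flag is what stops that cookie leaking if a later link is plain http://.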

Thank you so much for the reply.
I might be asking silly questions here, but I have my login page at [b]http[/b]://www.mysite.com/login.php, NOT [b]https[/b]; what do I need to do to move it to https?
Also, if I encrypted all user data, does that mean I can't have a "remind password" function for users?

I see sometimes websites send out new generated passwords for users that forget their passwords instead of sending them their old ones, is this method more secure?

The method is indeed more secure.

Most sites with any security knowledge at all would be set up to hold the password in the database with an irreversible hashed value (using md5 / sha1 or some other encryption method). Yes these can be bruteforced or dictionary attacked but it's much safer than storing passwords in plain text.

Conveniently PHP has both an md5() and a sha1() function built in.

A new password has to be generated when a user has forgotten theirs as the one stored is hashed and cannot be decrypted.

The usual process for it is for the site to generate a new random password, email out a plain text version to the users stored email address, hash the password and insert it into the db.

You will most likely have noticed that the emails almost always recommend that the user change their password once they have logged in with the newly generated one.
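The process described in the reply above (store an irreversible hash, generate a random password when the user forgets theirs, email the plain text, store only its hash), as an added example that is not code from the thread or from any poster. It goes one step beyond the md5()/sha1() mentioned there and uses PHP's built-in password_hash()/password_verify() (PHP >= 7 for the syntax used), which salt each password and run a deliberately slow hash, so the bruteforce and dictionary attacks the reply mentions are much more expensive against a stolen table. The PDO connection `$db`, the `users` table and its columns (`username`, `email`, `password_hash`) are assumed names for the example.

```php
<?php
// Added example, not from the thread. Registration, login and "forgot
// password" that never store or compare a plain-text password.
// Assumed schema: users(id, username, email, password_hash)

function register_user(PDO $db, string $username, string $email, string $password): bool
{
    // password_hash() picks a random per-user salt and embeds it, plus the
    // algorithm and cost, in the returned string; nothing else to store.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare(
        'INSERT INTO users (username, email, password_hash) VALUES (?, ?, ?)'
    );
    return $stmt->execute([$username, $email, $hash]);
}

function login_user(PDO $db, string $username, string $password): bool
{
    // Prepared statement: the username is bound, never concatenated into SQL.
    $stmt = $db->prepare('SELECT password_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Unknown user: still run one verify against a throwaway hash so that
    // response time does not reveal which usernames exist.
    $hash = $row['password_hash'] ?? password_hash('placeholder', PASSWORD_DEFAULT);
    $ok = password_verify($password, $hash) && $row !== false;

    if ($ok && password_needs_rehash($hash, PASSWORD_DEFAULT)) {
        // Transparently upgrade old hashes when the default cost/algorithm changes.
        $upd = $db->prepare('UPDATE users SET password_hash = ? WHERE username = ?');
        $upd->execute([password_hash($password, PASSWORD_DEFAULT), $username]);
    }
    return $ok;
}

// Random temporary password from a CSPRNG (random_int), using an alphabet
// without easily confused characters (0/O, 1/l/I).
function generate_temp_password(int $length = 12): string
{
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789';
    $max = strlen($alphabet) - 1;
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= $alphabet[random_int(0, $max)];
    }
    return $out;
}

// The "forgot password" flow from the reply: new random password, hash stored,
// plain text goes out only in the email to the address already on file.
function reset_password(PDO $db, string $username): bool
{
    $stmt = $db->prepare('SELECT email FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        // Caller should show the same "if that account exists, we've emailed it"
        // message either way, so the form cannot be used to enumerate users.
        return false;
    }

    $temp = generate_temp_password();
    $upd = $db->prepare('UPDATE users SET password_hash = ? WHERE username = ?');
    $upd->execute([password_hash($temp, PASSWORD_DEFAULT), $username]);

    // Only place the plain-text password ever appears; it is not logged or returned.
    $body = "Your temporary password is: $temp\n"
          . "Please log in and change it straight away.";
    return mail($row['email'], 'Your new password', $body);
}
```

Two caveats a practitioner would add: the temporary password should itself be short-lived (force a change on first login, or expire it after an hour), and because the request comes in unauthenticated, the reset endpoint needs the same rate limiting as the login form, otherwise it becomes a way to lock other people out by repeatedly resetting their password.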
