Re: Question on password visibility?



Phil Coen wrote:

> I have been learning PHP on my own time and have an Apache server on my
> network at home. Obviously security is not a problem on this setup.
>

You think?

> But as I begin to think about actually using code on a publicly
> addressable server someday, the examples in my books seem to be wide open
> to the world.
>
> Most use an HTML form that calls a separate php program. Most of the
> passwords are either hard coded in that php module or are in a file
> accessible by that module.
>
> Heck, anybody can download the php script and look at the passwords. Or,
> use it to see what file it is pointing to.
>

Are we talking about passwords used by your PHP scripts to authenticate
against some other service (like MySQL) or to authenticate web users?

The former (which the previous 2 responders seem to be addressing) will
need to be stored in an unencrypted form (as someone else said - if your
webserver is set up correctly, they should not be visible). However the
latter (which you seem to be talking about) should never require an
encrypted password. Really, the stored token should be kept in a
non-reversible hash.

Unix authentication systems are well documented. Originally these used crypt
to hash the password, but more recently 3DES or MD5. Where you keep the
data is up to you - but even a 100% secure hash will not protect your
system against brute force attacks (particularly if the black hat can copy
the password file to his/her own machine and recreate the algorithm).

Of course you also need to think about how to secure the passing of
information to/from the browser. SSL is the obvious choice but introduces
of its own.

> Where should the logon security for the web site actually be?
>

Kinda depends...

C.
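The two cases the reply separates, as an added example that is not part of the original thread or written by either poster: a service credential the script itself needs (kept in a file outside the document root, so a correctly configured web server never serves it) and web-user passwords (stored only as a salted, deliberately slow, non-reversible hash, which is what keeps an attacker who copies the password table from brute-forcing it cheaply). The file path `/etc/myapp/db.php`, the `users` table layout and the bcrypt cost of 12 are assumptions; `password_hash()`, `password_verify()` and `password_needs_rehash()` are the standard PHP functions (PHP 7 or later assumed).

```php
<?php
// Added example, not code from the original thread. Shows (1) a service
// credential loaded from a file outside the web root and (2) web-user
// passwords stored only as a non-reversible hash. Paths, table layout
// and cost are assumptions for illustration.
declare(strict_types=1);

// (1) Service credential: keep it in a file the web server cannot serve,
//     e.g. /etc/myapp/db.php (assumed path), readable only by the PHP user:
//     <?php return ['dsn' => 'mysql:host=localhost;dbname=app',
//                   'user' => 'app', 'pass' => 'CHANGE-ME'];
function loadDbConfig(string $path = '/etc/myapp/db.php'): array
{
    if (!is_readable($path)) {
        throw new RuntimeException("DB config not readable: $path");
    }
    $cfg = require $path;
    foreach (['dsn', 'user', 'pass'] as $k) {
        if (!isset($cfg[$k])) {
            throw new RuntimeException("DB config missing key '$k'");
        }
    }
    return $cfg;
}

// (2) Web-user passwords: never store the password itself. bcrypt with
//     cost 12 makes every guess expensive, which is what limits an
//     offline brute-force attack on a copied password table.
const HASH_ALGO = PASSWORD_BCRYPT;
const HASH_OPTS = ['cost' => 12];

function registerUser(PDO $db, string $username, string $password): void
{
    $hash = password_hash($password, HASH_ALGO, HASH_OPTS);
    $stmt = $db->prepare('INSERT INTO users (username, pw_hash) VALUES (:u, :h)');
    $stmt->execute([':u' => $username, ':h' => $hash]);
}

function loginUser(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT pw_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Verify against a throwaway hash when the user is unknown, so the
    // response time does not reveal which usernames exist.
    $hash = is_array($row) ? $row['pw_hash']
                           : password_hash('dummy', HASH_ALGO, HASH_OPTS);
    if (!is_array($row) || !password_verify($password, $hash)) {
        return false;
    }

    // If the cost or algorithm is raised later, upgrade the stored hash
    // transparently on the next successful login.
    if (password_needs_rehash($hash, HASH_ALGO, HASH_OPTS)) {
        $upd = $db->prepare('UPDATE users SET pw_hash = :h WHERE username = :u');
        $upd->execute([
            ':h' => password_hash($password, HASH_ALGO, HASH_OPTS),
            ':u' => $username,
        ]);
    }
    return true;
}

// Usage: an in-memory SQLite table so the example runs without MySQL.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)');
registerUser($db, 'phil', 'correct horse battery staple');
var_dump(loginUser($db, 'phil', 'correct horse battery staple'));
var_dump(loginUser($db, 'phil', 'wrong'));
var_dump(loginUser($db, 'nobody', 'wrong'));
```

In a real deployment `loadDbConfig()` would supply the `PDO` constructor arguments instead of the SQLite stand-in; the point is that the credential file sits outside the document root with restrictive permissions, while the `users` table holds nothing an attacker could reverse into a password.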


