I thought I would use this post to rant about what some people seem to think is secure user management. I will firstly state the hall of shame:
- tinsology (should mention this ain’t too bad but I would not use it for about 5 security flaws)
- Yet another wannabe
Now I should take a moment to explain I am not taking about SSL etc I am only talking about normal *slightly* secure session handling. Now for the hall of fame:
Let me sum this up one second. I searched Google using “secure php login” and out of all the links in the first page there was only two I would take any notice of…..sad isn’t it?