|All requests||>||I need a PHP class for professional l...||>||Request new recommendation||>||Featured requests||>||No recommendations|
by Søren Haugaard Listel - 6 years ago (2015-07-22)
I need to create a high security login system.
1. by Manuel Lemos - 6 years ago (2015-07-28) Reply
What aspects do you require to consider a package a good professional secure login system?
2. by Dave Smith - 6 years ago (2015-08-04) in reply to comment 1 by Manuel Lemos Comment
The latest trend I have noticed with the banking industry to use 2FA MFA
What you know...
1) Unpublished user name
2) Password containing at least 8 characters with at least one capitalized alpha character and one numeric character.
What you have
1) Encrypted authentication token in the form of a secure cookie stored on authorized computers.
Whenever access is attempted by a computer without the token, an additional security layer is implemented where the user must have a security token sent to their mobile phone on record or answer a series of questions from public records about themselves. On success the computer is registered as authentic.
I have also started seeing e-mail notifications being sent to the e-mail account on record whenever the account is logged onto.
I haven't seen any classes that currently implement more than 1FA MFA, so this may be a candidate for a featured request.
3. by Manuel Lemos - 6 years ago (2015-08-04) in reply to comment 2 by Dave Smith Comment
Yes, you are right, that would be great if it existed.
Anyway, I wonder if the original poster requires something that sophisticated.
There are many reasonably secure packages but without more specific requirements it is hard to figure.
4. by Dave Smith - 6 years ago (2015-08-04) in reply to comment 3 by Manuel Lemos Comment
He did request 'high security' which I would define as a minimum of 2 factor authentication.
6. by Manny Hernandez - 6 years ago (2015-08-16) in reply to comment 3 by Manuel Lemos Comment
"Yes, you are right, that would be great if it existed."
It's not exactly a class so much as a complete sign in system. The generic login provider has a couple of 2FA options built-in. The level of complexity of 2FA is always going to be more than a single PHP class should ever attempt to handle.
7. by Kaaalid Marzog - 6 years ago (2015-09-23) in reply to comment 2 by Dave Smith Comment
I just ran across this class recently as I was working on my own ideas for the second authentication factor. Should not be difficult to integrate into any existing user management system and greatly increase security.
3. by Dave Smith - 6 years ago (2015-10-31) in reply to comment 2 by Dave Smith Reply
I should also mention for anyone who does not know. OTP stands for one time password
This is the class for User Identification. If you can wait, i've submitted a professional login system that is in approval :)
1. by Ricky Scotti Reply- 6 years ago (2015-09-11)
As I promise, here you can find a professional login system: http://www.phpclasses.org/package/9332-PHP-Authenticate-and-manage-user-in-sessions.html
This class implements a user registration and login system using PDO to store and retrieve user records. It uses prepared queries, so it is safe against SQL injection attacks.