Working with passwords in CakePHP

36

The basics Usually, this is already well known. But.. there are still developers who actually store the password unhashed. You always have to store user passwords hashed. You can either…The basics Usually, this is already well known. But.. there are…

Preventing Brute Force on Login

4

With default cake login procedures a user could try unlimited passwords to one specific account. That means, if you write a bot that tries every possible combination (thousand times per…With default cake login procedures a user could try unlimited passwords…

CakePHP Security

9

When I first started with CakePHP I didn’t know about those things, either. Everything was new and I was overwhelmed by all the functionality of the framework. The basic rule…When I first started with CakePHP I didn’t know about those…

Saving Model Data and Security

14

In google groups there are quite a few discussions every month about security against (primary key) injection, xss or other things. And yes, the default templates will not protect you…In google groups there are quite a few discussions every month…