Page 1 of 1

login form

Posted: Thu Jul 27, 2006 9:24 am
by jito
hi,
i want to make a login form without using database. will it be secure to use a file instead? any other alternatives.

Posted: Thu Jul 27, 2006 9:45 am
by klarinetking
Hi,

As long as you make sure that the file cannot be accessed by anyone, for example by placing it outside the webroot, it should be fairly safe.

klarinetking

Posted: Fri Jul 28, 2006 8:20 am
by jito
is it wll be better if i use sha1 or md5....?

YESSIR

Posted: Fri Jul 28, 2006 9:26 am
by ronverdonk
I don't want to go into a discussion about MD5 or SHA1 or whatever but thou shall always encrypt sensitive info, especially passwords!