blake2b & md5 based registration and login in PHP to show a secure hashed password.
- The project uses both blake2b and md5 to hash the password so it can't be unencrypted or stolen or intercepted.
- We first remove backslashes to ensure no XSS Attack can take place.
- We then escape special characters in a string to ensure SQL Injection and XSS Attacks aren't possible. This doesn't affect the password's strength as the user enters the same password to login as while signing up. He/she won't even know this procedure took place.
- The password is hashed with the blake2b hashing algorithm.
- The password is then hashed with the md5 hashing algorithm.
- The same procedure is repeated for both login and registration to ensure the final hashed value is the same and hence login doesn't fail.
The source code of this project is written in PHP
. You will need to install composer to run this project.
- Enter the following commands in terminal or the command prompt:
$ git clone https://github.com/akshatvg/Secure-Hashed-Authentication
$ cd Secure-Hashed-Authentication
$ composer install
- Import
database.sql
into any database and then enter these details indb.php
. - Register and then login.
Feel free to contact me via Facebook.
Invite me to connect on LinkedIn.
_____ _ _ __ __
|_ _| | | | \ \ / /
| | | |__ __ _ _ __ | | __ \ V /___ _ _
| | | '_ \ / _` | '_ \| |/ / \ // _ \| | | |
| | | | | | (_| | | | | < | | (_) | |_| |
\_/ |_| |_|\__,_|_| |_|_|\_\ \_/\___/ \__,_|
______
| ___|
| |_ ___ _ __
| _/ _ \| '__|
| || (_) | |
\_| \___/|_|
______ _ _ _ _
| ___ \ (_) | | | | | |
| |_/ / ___ _ _ __ __ _ | |_| | ___ _ __ ___| |
| ___ \/ _ \ | '_ \ / _` | | _ |/ _ \ '__/ _ \ |
| |_/ / __/ | | | | (_| | | | | | __/ | | __/_|
\____/ \___|_|_| |_|\__, | \_| |_/\___|_| \___(_)
__/ |
|___/
MIT © Akshat Gupta
if (youEnjoyed) {
starThisRepository();
}