SCRAM: a new protocol for password authentication

In today’s world, a secure authentication mechanism for web sites is an absolute necessity.  Hackers and script kiddies love to hijack accounts in any way possible.  While it’s impossible to completely prevent a man in the middle access attack, utilizing SCRAM will certainly make it exponentially more difficult.  For a site that isn’t running e-commerce,
Continue reading SCRAM: a new protocol for password authentication

phpseclib: PHP Secure Communications Library

The PHP Secure Communications Library contains LGPL-licensed pure-PHP implementations of arbitrary-precision integers, fully PKCS#1 (v2.1) compliant RSA, DES, 3DES, RC4, Rijndael, AES, SSH-1, SSH-2, and SFTP. Although many of the features this library implements are implemented in PHP via optional extensions, what are you, as a developer, going to do when a user tries to
Continue reading phpseclib: PHP Secure Communications Library

Crypto-JS: JavaScript cryptographic algorithms

Crypto-JS is a growing collection of standard and secure cryptographic algorithms implemented in JavaScript using best practices and patterns. They are fast, and they have a consistent and simple interface. Additionally it offers some helper functions than are often required when working with hashes and cryptography on the web like fast Base64 and UTF8 encoding
Continue reading Crypto-JS: JavaScript cryptographic algorithms