This is an example of secure design logging and register with has:
- Basic error checks on the server-side.
- Captcha to prevent brute force attacks.
- 2FA for increase the security
- Use of HTTP post
- Use of TLS on HTTP (HTTPS)
- PHP sessions
- We have used the algorithm CRYPT_BLOWFISH (Salt + hash) to encrypt passwords. As an example, the password file is available at [URL]/userData.txt.
- The GMAIL API for sending the emails with the 2FA code using our GMAIL account.
|