Hi, everybody.

I’m looking for a secure login library to use in my projects.
I’ve found this one http://codeigniter.com/wiki/SimpleLoginSecure/
Does anyone know this library?
Is it really secure?

Does anyone know other library to do all the related login functions?

Define secure.

I’d say, which one of this library should I choose:

* Tank Auth
* DX Auth
* FreakAuth Light
* Redux
* SimpleLoginSecure

It’s for a small site which has a user login sistem to access to a private where the user can download important documents and a admin login sistem to allow the adminitrator manage those documents.

Or should I create my own (and smaller) class?

chefnelone - 08 December 2009 05:26 PM

I’d say, which one of this library should I choose:

* Tank Auth
* DX Auth
* FreakAuth Light
* Redux
* SimpleLoginSecure

It’s for a small site which has a user login sistem to access to a private where the user can download important documents and a admin login sistem to allow the adminitrator manage those documents.

Or should I create my own (and smaller) class?

If it was me I would create my own using the build-in CI sessions lib. It’s very easy to extend it for your use. I found using the others were overkill in some areas but if your unsure how to create your own or just would rather use someone else’s then any of them you listed would be fine.

i would be very grateful if someone could either write me a javascript / executable program that could auto login to my library or email accounts; or tell me where i could find one online.
Enhanced Kre-Alkalyn

Simplelogin is designed to give you a quick and simple login library that will get you up and running with an unobtrusive authorization system very quickly. It does not try to guess how you want to structure your app, it simply tries to give you a little help.

There are three primary modifications to Anthony’s original code. Most importantly, SimpleLogin–Secure uses the phpass framework for secure, portable password hashing instead of straight md5 without a salt. Secondly, SimpleLoginSecure uses an e-mail address instead of a user name as the login key. And finally, it adds user_date, user_modified and user_last_login date/time fields to the default install.

For more information on why md5 hashing is not enough, see the excellent post about password schemes on the Matasano Security blog.
Installation and configuration

Download the library zip file and extract the contents.

Copy SimpleLoginSecure.php and the entire phpass-0.1 directory to your system/application/libraries directory.

Create your database table using the supplied SQL sample. You can also edit the hash length and portability constants at the top of SimpleLoginSecure.php.

vegetables
food4wealth
Jonathan White
grow organic garden
organic fruits and vegetables

I tend to write my own as well, but I guess reinventing the wheel over and over again in new projects kind of defeats DRY principle of MVC and Codeigniter. This thread was helpful to me because I’ve never heard of SimpleLoginSecure before but it looks promising and I honestly think libraries like TankAuth are so over the top and give you a whole bunch of functionality and overhead you don’t need.

I just check out the simplelogi-secure, It doesn’t give option to customize expire time, what if a user check “remember me” that session should last 6 forever not 2 hours right?