Phalcon Security

Phalcon provides the common security tasks to the developers such as:

  • Password Hashing.
  • Cross-Site Request Forgery protection (CSRF).

Password Hashing

It is a technique where password is stored in the encrypted form in the database. If the password is stored in the plain text format then any intruder that has the access to the database can easily view the passwords.

To avoid this problem password hashing has 2 techniques:

  • md5: It converts the plain text into hash of a 32-character hexadecimal number.
  • sha1: It converts the plain text into hash of a 40-character hexadecimal number.

Example

See this example of password hashing by using md5 technique:

Output:

Phalcon Password Hashing 1

After successful login in database we can see password stored in hash format:

Phalcon Password Hashing 2
Next TopicPhalcon (CSRF)




Latest Courses