Here with yet another of the presentations from PHPCon 2002 is Ewald, pointing us to another speech by The Fuzzy Group's Scott Johnson that touches on one of the more important, yet often overlooked, topics in writing PHP scripts these days: the security of your login features.
In this presentation he talks about the various security issues that sites face when they have to deal with their login scripts, everything from the use of SSL to how to structure the tables so that they can be used more efficiently. There are lots of little tips in here that most sites don't even bother with, things like password restrictions and access to the machine that the scripts live on.
My personal favorite part of the presentation is at the very end when there are the "15 practices..." listed out that most developers just don't think of. We get going just a little too fast and don't think about all of the passwords and information out there flying around in plain text.




