what need of all three in yii2 login,i am new to yii2 framework and i want to know use of all these three. thanks in advance.
Asked
Active
Viewed 613 times
-2
-
why would you want to use MD5 in the first place? it's no longer safe to use – Funk Forty Niner Jul 22 '17 at 12:25
-
no, i do not want to use md5, but i want to understand use of auth_key, token and password hash. – bhargav3vedi Jul 22 '17 at 12:30
-
Why did you write: *"we can simply encode password using md5 and store it to database "* then? – Funk Forty Niner Jul 22 '17 at 12:31
1 Answers
0
There are methods to crack an md5-hash, so md5 is not meeting the requirements for good data security. Sure you could use md5 - many companies still do that - but it isn't a save method. If you already have all passwords hashed with md5 and want to hash them with another method, there are a few good ways to do that.
Ps. The Authkey is
used to verify cookie-based login. The key is stored in the login cookie and will be later compared with the server-side version to make sure the login cookie is valid. - http://www.yiiframework.com/doc-2.0/guide-security-authentication.html
MuratBa
- 309
- 1
- 5