Hi,
I thought some of you guys maybe had som knowledge or experience on the field of security when it comes to password protection, so I decided to ask you.
I've developed a session based login and that seems to work pretty well. I haven't been able to crack it ... hehe
On some occasions I've used .htacces files to protect areas of my sites.
I know there are other ways to do this, but I would love it if we could have a discussion on this subject.
What is the best way to go, and why... You can break into any system, but how secure is for example sessions and htaccess?
When working with money transactions I suppose you have to take security a step further.
Any thoughts guys?
