I am designing and implementing a web-application, and am currently deciding what kind of authentication to use. It will be a PHP app with a MySQL backbone. I have sorted out user/client registration/login, however need administration login to a different area. To save time I was simply going to create an "Administration Realm", using apache's built in Basic Authentication. Ive heard this isnt entirely secure and should probably use "Digest Authentication" using MD5. However Ive also heard that this is not widely supported. I dont want to develop a whole authentication system specifically for admin as this would waste time. Any suggestions would be great, Thanks
