Ajax to PHP Login Script Secure

Question

I'm looking at how to send a username and password via Ajax to PHP securely and how to also store the values in the MySQL database properly too.

In the past I have used the following type of example:

var formData = {username:$('#username').val(), password:$('#password').val()};
//SEND
$.ajax({
    type: "POST",
    url: "/signin.php",
    data: formData,
    success: function(data) {
        //success
    }
});

This is to send the values via JavaScript to then get a return OK or FAIL from the PHP. But is this secure enough? I was hoping someone would be kind enough to point me in the right and secure direction of sending sensitive data from JavaScript to PHP.

SQLfiddle

Answer 1

To be secure you need to ensure at minimum three things:

1. The input box, type=password The user control in which the user enters the password is a password input type, or custom control designed for this purpose which has been sufficiently validated for not caching, etc.
2. The connection, https In its current state, your question does not mention whether or not the connection is over https. It is more secure if the login box itself is displayed through a secure connection. In addition the ajax needs to post across the secure connection.
3. Hash passwords properly Use the native PHP password hashing API and hash passwords and store the hash in your database. Verify input passwords by using the password_verify function. password_hash() password_verify()

To do it "right" you should also consider:

1. Control the rate and number of failed login requests.
2. Record login statistics so that you can identify strange behavior and investigate it
3. Use browser side AND server side password strength testing to validate users' new passwords as being strong enough.
4. Use captcha to prevent pedestrian automation

5. Create a database user especially for authentication. Limit table/schema access accordingly. Use a separate subdomain for authentication. Use fastcgi-php or suphp to set the user for auth access to the database. Allow normal PHP database user to only read a semaphore or other login state credential from this "sandbox."

6. When users are entering their passwords, use site verification, ssl, and a verification "phrase" or picture they set when they created their account so they can be sure they are inputing to your server.

Additionally, most security concerns are going to be involved in what you do after the login. How do you plan to maintain the user's session? Greater security usually requires compromising convenience to the user. You need to consider carefully what type of abilities and information the user will have access to once authenticated. Your security plan should take that into account.

An alternative you might consider is using OAuth2 providers such as Google and Facebook.