3.9 Sensitive Data
Data leaked from an application can be used by malicious users to craft attacks.
In this lesson, I discuss using SSL and other cryptography standards to ensure that data cannot be leaked over transmission. We’ll also look at Apache SSL configuration directives.
I’ll show you how to use PHP’s built-in encryption algorithms to make the strongest password hash possible. You can transparently adjust this algorithm if it changes in the future, or if you need to change it for current users.
Finally, I’ll show you two different methods for encrypting data in PHP, either using SSL keys or Mcrypt.