Probably one of the most common features required by website owners is the ability to log in. Implementing a simple login system is not all that challenging. However, the security involved can be quite complex.

We have all probably heard of some website storing passwords in pure text form within their databases. In other words, if a user has a password of qwerty12345 then this is stored in this form in the database. Now that is obviously not secure.

One of the easiest things a developer can do is to 'hash' the password. This basically means that the password in encrypted. To do this we can use the password_hash function within PHP as follows:

The output will be something like this:

The hashed password can then be stored in the database.

If you would like to learn more about PHP then enrol in the PHP for Beginners course.