Shopping Cart Software Forum for Ecommerce Templates
 User Login Security Improvements
Dermontti
Advanced Member, USA, 119 Posts
Posted - 08/22/2018 : 08:07:41
The recent email about ECT Version 7.0 asked for new feature suggestions, so it seemed like a good time to share a few notes we've jotted down. These are all about login security.

1. This is an under-the-hood suggestion, but the password hashing system could use some modernizing. Consider a more secure system such as bcrypt, rather than MD5. Consider random salts for each user (stored in the database) rather than a single salt.
Switching to bcrypt in PHP (5.3+) is easy, because it’s built-in. Using it in ASP (without using a PHP file) might be harder, because there’s probably not a modern bcrypt function pre-written in it. Maybe a javascript function?

2. Whether or not the above item is implemented, consider NOT sending the password hash to the user in the “Forgot Password” email. Make a separate, random string that’s stored in the database. Also consider giving it a time limit. Also, don’t store the hash in the user’s browser as a cookie.

3. Create a system where a new user has to verify their email address. The site would send a confirmation email with a link they have to click within a certain time period.

4. Not an issue for me, since we run our site 100% on https now, but browsers will give a security warning if there are password fields on non-https pages.

Thanks!
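The scheme items 1 and 2 describe, as an added example rather than Ecommerce Templates code: bcrypt with a per-user random salt in place of MD5 with one site-wide salt, a transparent upgrade of legacy rows on login, and a random, time-limited reset token instead of the password hash in the email. It assumes PHP 7.0 or later (password_hash() itself is 5.5+), a PDO connection, and a hypothetical password_resets table.

```php
<?php
// Added example, not Ecommerce Templates code. Shows the scheme items 1 and 2 propose:
// bcrypt with a per-user random salt instead of MD5 with one site salt, and a random,
// time-limited reset token instead of emailing the password hash. Assumes PHP >= 7.0
// (random_bytes, hash_equals) and a PDO handle; table and column names are hypothetical.

const LEGACY_SITE_SALT = 'constructed-site-salt';   // the single shared salt being replaced

// Legacy scheme: fast MD5 with one salt, so equal passwords give equal hashes.
function legacy_hash(string $password): string {
    return md5(LEGACY_SITE_SALT . $password);
}

// Suggested scheme: password_hash() draws a fresh random salt per call and embeds it
// in the returned string, so equal passwords give different hashes and no salt column is needed.
function modern_hash(string $password): string {
    return password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
}

// Login check that accepts either format and upgrades legacy users on first success.
// $newHash is set when the stored value should be replaced with a bcrypt hash.
function verify_password(string $password, string $stored, ?string &$newHash): bool {
    $newHash = null;
    if (strlen($stored) === 32 && ctype_xdigit($stored)) {          // legacy MD5 row
        if (!hash_equals($stored, legacy_hash($password))) return false;
        $newHash = modern_hash($password);
        return true;
    }
    return password_verify($password, $stored);
}

// Item 2: store only a hash of the reset token; the raw token goes in the email link once.
function make_reset_token(PDO $db, int $userId, int $ttl = 3600): string {
    $token = bin2hex(random_bytes(32));
    $db->prepare('INSERT INTO password_resets (user_id, token_hash, expires_at) VALUES (?, ?, ?)')
       ->execute([$userId, hash('sha256', $token), time() + $ttl]);
    return $token;
}

// Returns the user id for a valid, unexpired token and deletes it so it is single use.
function consume_reset_token(PDO $db, string $token): ?int {
    $h = hash('sha256', $token);
    $s = $db->prepare('SELECT user_id, expires_at FROM password_resets WHERE token_hash = ?');
    $s->execute([$h]);
    $row = $s->fetch(PDO::FETCH_ASSOC);
    if (!$row || (int) $row['expires_at'] < time()) return null;
    $db->prepare('DELETE FROM password_resets WHERE token_hash = ?')->execute([$h]);
    return (int) $row['user_id'];
}
```

With an in-memory SQLite PDO and a password_resets(user_id, token_hash, expires_at) table, make_reset_token() followed by consume_reset_token() returns the user id once and null on a second call, and verify_password() against an MD5 row returns true while handing back a bcrypt hash to write over it.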
Shopping Cart Software Forum for Ecommerce Templates © 2002-2022 ecommercetemplates.com