On Nov 24, 2011 6:35 AM, "Olivier BATARD" <obat...@gmail.com> wrote: > > Hi, > > I'm just interested on how, after googling for a long time, on a > debian, can we manage users's passwords. I mean how can we manage a > password database on a web php site for example ? > > How do you manage your user's passwords database ? >
It seems you're asking two questions (you didn't mean to but you are). Per the first question of a password db in debian - there is keychain support for most applications. There is also keypass (already mentioned). And web services like lastpass. As for your second question about authentication in phone - I'll start out by saying that I don't develop in php. So fwiw, you setup a transactional db. You decide on an encryption schema (blowfish should do for you) and you put some auditing fields that your program checks that helps with management (lock out, reset time, fails, last login, realms, etc). You also generate your per user sault that gets changed with the password (and possibly per x successful logins). There are probably php modules to help with some of the back end logic as well.
