This is my series of posts on authenticating users. It covers password hashing, data encryption and most importantly, maintaining session states in a stateless environment – the safe way.
If this is you first time delving into user authentication, read the posts in the order they are presented below.
Coming soon …
Protecting Users – Encrypting/Decrypting Data with Blowfish
Secure Session State – Maintaining State – Overview
Secure Session State – Dynamic Token Generation & Token Rules
Secure Session State – Using Dynamic Tokens
Other related links…
Crypt::Eksblowfish::Bcrypt on CPAN.
Blog post on WildlyInnacurate.Com – Bcrypt: Choosing a work factor
Argon2 info on Github.