Okay so I have a PHP script that creates user acounts and encrypts the password then saves it into the database. The login form just compares the users password with a password in the database. The database has a password to connect to and user name. Is this enough security for my sites login? Or is there other things I should be doing?
Hello, it's enough, you are comparing username and password from user to database, the only two input that can identify the user are username and password, but make sure you are making the username unique.
you can also add login failed counter and assign the count in session. Define how many failed login would you allow, before requiring an account reset or captcha.
Test your login script with the most common login hacks e.g. type OR'' on the password field, without typing any username... if the script shows the mysterious user as logged in, then you need to sanitize more..
mysql_real_escape_string() is a must, you need to use it almost on every variable, in which value is taken from the user, to prevent SQL Injection.
Even if you have million users, if an action is applicable on one user, it will be applicable for all :)
Escaping values using mysql_real_escape_string or similar (i.e. mysqli_real_escape_string) function greatly minimizes a possibility of sql injection by escaping dangerous characters. Some other things you have to do are (not a comprehensive list):
put quotes arround any query parameters - even numbers
Personally, I'd use prepared statements (PDO flavour), BUT you need to validate the data too. All data from POST vars should be strings anyway, but you can check for integer or float or date formats, etc. If any of the inputs fall outside the allowed parameters, flag an error - do not run the query.
One more thing: if password is incorrect, do not tell that to the user; if username is incorrect, do not tell that to the user. Allways tell them that login failed, but not the reason. This way you give no clue to potential attacker.