interested in SA2 some advice needed
hi,
not been on here for a while and looking at buying some extensions again, one of which is the SA2.
i have been reading around and i need to know which is the best password encryption to use? is Crypt the best? i.e. can it not be reveresed?
i used sha1 one with sa1 and currently have sites running using md5.
question is does it matter which one as people cannot reverse it unless they have access to the raw mysql database on server is that right? or should i use crypt with sa2?
also what measures should i take to stop people gaining access to the server, do you guys have any help guides on how to keep things secure with your backend database?
and findally does sa2 have an automatic detection of brute force and failed login attempts triggers the user to be inactive for a set period?
i liked this feature with addt and wondered if sa2 had this?
thanks for the help