php & android howto prevent man-in-the-middle

Asked Jul 22 '16 at 14:01

Active Jul 22 '16 at 14:01

Viewed 118 times

We works on a mobile app that using some web services as backend for db services and others services. We use a password approach for each user to prevent others to connect to ours services. My question is do we need to implements a token based system for preventing "man in the middle" attack? or using https.... or what is best. And if yes wich kind of lib or framework could help us? Now we protect our function with

if (password_verify($userPass, $hashedPass)) 
{
    return true;
}else
{
    return false;
}

asked Jul 22 '16 at 14:01

JahStation

Use security Technics like encryption and decryption of your user name and password. – Android Surya Jul 22 '16 at 14:06
yes! i did that allready but i found how to go for prevent this: JWT – JahStation Jul 27 '16 at 14:08

php & android howto prevent man-in-the-middle

0 Answers0