Introducing PHPCredLocker Version 1

For a little while now, I've been working on a small PHP based project designed to store passwords securely. After a lot of testing, bug-hunting and fixing, PHPCredLocker has reached version 1.

Designed to prefer security over convenience, the system takes every step it can to protect stored credentials. Depending on the version of PHP you are running, passwords will be encrypted with either OpenSSL or MCrypt. A different key is used for each credential type (think FTP password vs Joomla password) and the database has been designed to be as unhelpful as possible to any miscreant who should manage to get a database dump.

I'm not an interface designer, so the template is very basic, but PHPCredLocker has been designed so that you can adjust and override as necessary (modules and views can be overridden, and templates are easy to create).


There's also support for plugins, with a couple of core plugins included in version 1: ExternalResources and AffinityLive Logging.

I've also created a plugin called AutoAuth, allowing for the display of a 'Log In' button by certain credential types.

You can view the PHPCredLocker documentation on this site, so far I've created

There're more to come, but all will be filed under Documentation -> PHPCredLocker.


PHPCredLocker is released under GNU GPL V2, and bug reports should be filed in the GitHub Repo. Download either from GitHub, or click here to download a zip file.

You can also tinker with the PHPCredLocker Demo here.

Version 1.5 should bring some new features as well as refinement of the interface.


Latest Commits

  • Added issue tracking details to readme.
    bentasker - 11 Nov 15:38
  • Packaged version 1.16
    - 09 Aug 21:41
  • Fixed password generator on Add user and change password pages. See PHPCRED-31
    - 09 Aug 21:37
  • Added a robots.txt
    - 08 Aug 02:45
  • Added comments
    - 08 Aug 02:44