[snip] To be a bit more specific, while I want to develop better knowledge of overall security issues and best practices in this area, I also need to know how to correctly handle user login. [/snip] For a very comprehensive look at securing web applications may I suggest http://www.shiflett.org