fxauth

The key points of the library are: It's simple

* Basic auth options (login, logout, register, unregister).
* Very compact (less than 20 files and 7 DB-tables).
* Username is optional, only email is obligatory.

It's secure

* Using phpass library for password hashing (instead of unsafe md5).
* Counting login attempt for bruteforce preventing (optional). Failed login attempts determined by IP and by username.
* Logging last login IP-address and time (optional).
* CAPTCHA for registration and repetitive login attempt (optional).
* Unactivated accounts and forgotten password requests auto-expire.

It's easy to manage

* Strict MVC model: controller for controlling, views for representation and library as model interface.
* Language file support.
* View files contain only necessary HTML code without redundant decoration.
* Most of the features are optional and can be tuned or switched-off in well-documented config file.

It's full featured

* Login using username, email address or both (depending on config settings).
* Registration is instant or after activation by email (optional).
* "Remember me" option.
* Forgot password (letting users pick a new password upon reactivation).
* Change password or email for registered users.
* Email or password can be changed even before account is activated.
* Ban user (optional).
* User Profile (optional).
* CAPTCHA support (CI-native and reCAPTCHA are available).
* HTML or plain-text emails.