Can we clean password from PHP memory?

Posted on 2017-11-26 in Programmation • Tagged with php, Docker, security

At work in a PHP application, we rely on libsodium to erase a password from $_POST. It may sound like a good idea: once the password is not in memory any more, it can't leak. But the question is: is it really erased from memory? That's the question will answer …

Continue reading