I am using the ION Auth library for Codeigniter. For security purposes, should I change the default URL/Controller from "/auth" to s开发者_如何学编程omething that's unknown and more difficult to guess?
The "default controller exists purely as an example, you should not assume it is perfect.
That said changing it would be pointless. As soon as you provide a "login" link you would be telling people where it is...
The salts and encryption should be strong enough to keep people out. If you are REALLY worried about security, set up HTTPS.
You beat me to this Phil ;)
One other thing to add, I recommend creating routes for better URLs. So I map standard functions like login and logout; for example, auth/login maps to just /login.
精彩评论