Gii admin-password secure?

I have a small adminsection on my site currently under development, the site only needs one user. Is the gii created admin-user secure to use on production sites? Ofcourse with a new password.

Or is it recommended to create a database-table and store the password with encryption?


Gii doesn’t care about user front-end and admin back-end. It just provides you the tool to build CRUD Controllers and models. If you’re running over a classic Yii skeleton you should find just demo and admin default users whose password are hardcoded in your UserIdentity.php file.

Of course the best way to improve security on your project is authenticating users against a DB with encrypted password, if you know that you’ll access to admin section mainly from your office/home you can even filter the access over the IP address :)