While not directly PHP related, Developer.com has an interesting article covering the use of authentication in your applications.
Authentication is the act of establishing identity via the presentation of information that allows the verifier to know the presenter is who or what it claims. This identity could be any number of things, including people, systems, applications, messages.
Why would one want to verify an identity in the first place? Hopefully, most people reading this recognize that as sarcastic humor. This article presents different types of authentication and ways of adding it to your applications.
They discuss a range of authentication types - all the way from simple authentication out to cryptographic and multi-factor authentication. They wrap it up with a look at how you can choose the appropriate authentication methods for your applications as well.
I've seen several sites moving more and more to the next step up from the basic level of authentication up to even just the multi-factor. The more levels of security you can put on your application the better, especially if you're housing any kind of personal data about your users.