I havestandard code for login but doing some reading: http://phpsec.org/projects/guide/4.html I discovered that I need to do more but dont know how to approach it.

Session_ID & Prediction, Capture, Fixation

Does anyone know of a tutorial on how to build security for these.