Authenticator_ciacob is a PHP library to register and authenticate users. It can do open or closed registration, via a master password. User roles are supported. Live authentication can be done by changing session unique ID from one request to another. There is support for password recovery or resetting. It has a built-in hack prevention system that logs a user out when an obsolete session ID is used, or if the IP address changes from one request to another, or when a session lifetime times out. A user is automatically locked out on too many failed login attempts. Locks are IP-based and can be reset by the master. Authenticator_ciacob is easy to configure via external XML files. It is protected against SQL injections by a built-in database traffic encoding and decoding mechanism.