Let me rephrase my last question, what PHP library or framework can I use for professional and secure authentication? Extra points if your idea helps implement account Control Panel features (change password, edit profile).
How do you pros do it? Have you ever done trustworthy authentication using PHP?
Have you checked out Drupal? It provides authentication over ssl and it doesn't store passwords as plaintext in the database. And a it's "Control Panel" features are pretty good.
I personally really like the symfony framework and its sfGuard plugin. It provides very easy to configure authentication. It hashes and salts all the passwords and provides a backend interface to manage users, groups and permissions.
Symfonys routing and configuration makes it very simple to set a secure flag on every page or even "area" of your web site. I have had no need to look elsewhere when building a secure web site.