The password_hash function in PHP uses the bcrypt one-way hashing algorithm by default (using the PASSWORD_DEFAULT filter).
xxxxxxxxxx
// To hash the password, use
password_hash("MySuperSafePassword!", PASSWORD_DEFAULT)
// To compare hash with plain text, use
password_verify("MySuperSafePassword!", $hashed_password)
xxxxxxxxxx
//hash password
$pass = password_hash($password, PASSWORD_DEFAULT);
//verify password
password_verify($password, $hashed_password); // returns true
xxxxxxxxxx
//hash password
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
//verify password
password_verify($password, $hashed_password); // returns true
xxxxxxxxxx
<?php
/**
* For the VAST majority of use-cases, let password_hash generate the salt randomly for you.
*/
$password = 'idkWhatToUse';
$hashedPassword= password_hash($password, PASSWORD_DEFAULT);
?>
xxxxxxxxxx
/* User's password. */
$password = 'my secret password';
/* Secure password hash. */
$hash = password_hash($password, PASSWORD_DEFAULT);
xxxxxxxxxx
<?php
/**
* In this case, we want to increase the default cost for BCRYPT to 12.
* Note that we also switched to BCRYPT, which will always be 60 characters.
*/
$options = [
'cost' => 12,
];
echo password_hash("rasmuslerdorf", PASSWORD_BCRYPT, $options);
?>
xxxxxxxxxx
/* New password. */
$password = $_POST['password'];
/* Remember to validate the password. */
/* Create the new password hash. */
$hash = password_hash($password, PASSWORD_DEFAULT);
xxxxxxxxxx
<?php
/**
* We just want to hash our password using the current DEFAULT algorithm.
* This is presently BCRYPT, and will produce a 60 character result.
*
* Beware that DEFAULT may change over time, so you would want to prepare
* By allowing your storage to expand past 60 characters (255 would be good)
*/
echo password_hash("rasmuslerdorf", PASSWORD_DEFAULT);
?>
xxxxxxxxxx
CREATE TABLE `accounts` (
`account_id` int(10) UNSIGNED NOT NULL,
`account_name` varchar(255) NOT NULL,
`account_passwd` varchar(255) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
ALTER TABLE `accounts`
ADD PRIMARY KEY (`account_id`);
ALTER TABLE `accounts`
MODIFY `account_id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT;
xxxxxxxxxx
$password = 'my password';
echo password_hash($password, PASSWORD_DEFAULT);
echo '<br>';
echo password_hash($password, PASSWORD_DEFAULT);