Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p><code>password_hash()</code>, a <a href="/questions/tagged/php" class="post-tag" title="show questions tagged &#39;php&#39;" rel="tag">php</a> function, was born out of a need to easily secure passwords in a way that the hash would not easily be broken, should an attacker obtain a table containing hashed passwords.<br> While its underlying hashing algorithm was readily available through the <a href="http://php.net/manual/en/function.crypt.php" rel="nofollow">PHP crypt() function</a>, pulling together all the necessary pieces to make this function work was beyond most programmers. As a result, many new programmers would turn to the insecure <a href="/questions/tagged/sha1" class="post-tag" title="show questions tagged &#39;sha1&#39;" rel="tag">sha1</a> and <a href="/questions/tagged/md5" class="post-tag" title="show questions tagged &#39;md5&#39;" rel="tag">md5</a> hashing systems that have been around for a long time.</p> <p><a href="http://php.net/password" rel="nofollow">Password hash</a> simply provides a wrapper for <code>crypt()</code>, using BCRYPT. The system generates a random salt by default <strong>(recommended)</strong> and returns a hash that contains the salt, the cost and the hashed password. Passing that string back into <a href="http://php.net/manual/en/function.password-verify.php" rel="nofollow">password_verify()</a>, along with the plain-text password, will tell you if they match.</p> <pre><code>$pass = 'password'; $hash = password_hash($pass, PASSWORD_DEFAULT); // $hash now contains a string that looks like // $2y$10$WNxIiMP4o7EevZKNL01T4uwux1TvOhFRj31XVfG7lQV7HhVY5tsIK $verify = password_verify($pass, $hash); var_dump($verify); // bool(true) </code></pre> <p>Password Hash is native to PHP 5.5.0 or later, however, <a href="https://github.com/ircmaxell/password_compat" rel="nofollow">a compatible library</a> exists for PHP 5.3.7 or later, that functions in the same way.</p> <ul> <li>Official PHP <a href="http://php.net/password" rel="nofollow">documentation</a></li> <li>PHP RFC proposal for <a href="https://wiki.php.net/rfc/password_hash" rel="nofollow">password_hash()</a></li> <li><a href="https://github.com/ircmaxell/password_compat" rel="nofollow">password_compat</a> compatibility package for PHP 5.3.7+</li> </ul>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload