password_get_info
The length of the hash returned by password_hash() for for PASSWORD_BCRYPT is 60 chars.
password_hash
(PHP 5 >= 5.5.0)
password_hash — Creates a password hash
Beschreibung
string password_hash
( string
$password
, integer $algo
[, array $options
] )password_hash() creates a new password hash.
Parameter-Liste
-
password -
The user's password.
-
algo -
A password algorithm constant denoting the algorithm to use when hashing the password.
-
options -
An associative array containing options. Currently, two options are supported: salt, to provide a salt to use when hashing the password, and cost, which denotes the algorithmic cost that should be used. Examples of these values can be found on the crypt() page.
If omitted, a random salt will be created and the default cost will be used.
Rückgabewerte
Returns the hashed password, Im Fehlerfall wird FALSE zurückgegeben..
Beispiele
Beispiel #1 password_hash() example
<?php
echo password_hash("rasmuslerdorf", PASSWORD_DEFAULT)."\n";
$options = [
'cost' => 7,
'salt' => 'BCryptRequires22Chrcts',
];
echo password_hash("rasmuslerdorf", PASSWORD_BCRYPT, $options)."\n";
?>
Das oben gezeigte Beispiel erzeugt folgende Ausgabe:
$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a $2y$07$BCryptRequires22Chrcte/VlQH0piJtjXl.0t1XkA8pw9dMXTpOq
Siehe auch
- password_verify() - Verifies that a password matches a hash
- crypt() - Einweg-String-Hashing
- » userland implementation
add a note
User Contributed Notes
password_hash - [3 notes]
lekensteyn at gmail dot com ¶
4 months ago
martinstoeckli ¶
5 months ago
There is a compatibility pack available for PHP versions 5.3.7 and later, so you don't have to wait on version 5.5 for using this function. It comes in form of a single php file:
https://github.com/ircmaxell/password_compat
martinstoeckli ¶
2 months ago
In most cases it is best to omit the salt parameter. Without this parameter, the function will generate a cryptographically safe salt, from the random source of the operating system.