Change language

How to secure hash and salt for PHP passwords?

Salting and hashing: In PHP, saving a password using salting and hashing is done with the password_hash() method. This method takes three parameters and returns the final hash of this password. Syntax:
string password_hash (string $pass, int $algo, array $options)
Parameters :
  • $pass: This parameter contains the password that must be protected and stored in the database.
  • $algo: defines the hashing algorithm, which is used to create the $pass hash. Some of the algorithm options in php are:
  • PASSWORD_DEFAULT: use bcrypt algorithm (default in PHP 5.5.0). This constant is intended to change over time as new and stronger algorithms are added to PHP.
  • PASSWORD_BCRYPT: This is the CRYPT_BLOWFISH algorithm for generating the hash. Result on a 60 character string, or FALSE on error.
  • $options: salted part. Requires salt in a cost form factor. Optionally, if left blank, a default value is added to the string (in most cases it is 10). Note that a higher cost leads to a more secure password and thus increases CPU utilization.
Return Value: Returns a hashed password and FALSE on error . Example: This example demonstrates reading password_hash(), generating a hash, and comparing it.  
// Save the string to a variable $password = ’Password’ ;  
// Use the password_hash() function for
// generate password hash $hash_default_salt = password_hash ( $password , PASSWORD_DEFAULT); $hash_variable_salt = password_hash ( $password , PASSWORD_DEFAULT, array ( ’cost’ = > 9));  
// Use the password_verify() function for
// check if the password matches echo password_verify ( ’Password’ , $hash_default_salt ). "
; echo password_verify ( ’ Password’ , $hash_variable_salt ). "
; echo password_verify ( ’ Password123’ , $hash_default_salt );  
1 1 0
This example uses the password_verify() method to compare the generated hash with the string entered as a parameter. It takes a hash and a comparison string as parameters and returns true if the password is correct, otherwise it returns false.


Best laptop for Sims 4


Best laptop for Zoom


Best laptop for Minecraft


Best laptop for engineering student


Best laptop for development


Best laptop for Cricut Maker


Best laptop for hacking


Best laptop for Machine Learning


Latest questions


psycopg2: insert multiple rows with one query

12 answers


How to convert Nonetype to int or string?

12 answers


How to specify multiple return types using type-hints

12 answers


Javascript Error: IPython is not defined in JupyterLab

12 answers


Python OpenCV | cv2.putText () method

numpy.arctan2 () in Python

Python | os.path.realpath () method

Python OpenCV | () method

Python OpenCV cv2.cvtColor () method

Python - Move item to the end of the list

time.perf_counter () function in Python

Check if one list is a subset of another in Python

Python os.path.join () method