My Notes: PHP >= 5.5: password hashing

Thursday, October 13, 2016

PHP >= 5.5: password hashing

To hash password (using default algorithm bcrypt)

$mypass = "password";
$myhash = password_hash($mypass, PASSWORD_DEFAULT);

To verify password

$brutepass = "test";
password_verify ($brutepass, $myhash); // true or false

Storing password in database

"Therefore, it is recommended to store the result in a database column that can expand beyond 60 characters (255 characters would be a good choice)." Maybe varchar(255)

Reference:

http://www.php.net/manual/en/faq.passwords.php
http://id1.php.net/manual/en/book.password.php

My Notes