In this blog, you will learn how to encrypt the password using bcrypt password hash method. Always Use bcrypt for storing passwords in PHP it’s encrypted and safe.
bcrypt is a password hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher, and presented at USENIX in 1999.
How to use bcrypt for storing passwords in PHP:
You may now use password_hash()
method to create a bcrypt
hash of any password:
[pastacode manual=”%3C%3Fphp%0D%0A%2F%2F%20Usage%201%3A%0D%0Aecho%20password_hash(‘rasmuslerdorf’%2C%20PASSWORD_DEFAULT).%22%5Cn%22%3B%0D%0A%2F%2F%20%242y%2410%24xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%0D%0A%2F%2F%20For%20example%3A%0D%0A%2F%2F%20%242y%2410%24.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a%0D%0A%0D%0A%2F%2F%20Usage%202%3A%0D%0A%24options%20%3D%20%5B%0D%0A%20%20’cost’%20%3D%3E%2011%0D%0A%5D%3B%0D%0Aecho%20password_hash(‘rasmuslerdorf’%2C%20PASSWORD_BCRYPT%2C%20%24options).%22%5Cn%22%3B%0D%0A%2F%2F%20%242y%2411%246DP.V0nO7YI3iSki4qog6OQI5eiO6Jnjsqg7vdnb.JgGIsxniOn4C%20%3F%3E” provider=”manual” lang=”php”/]
To verify a user-provided password against an existing hash, you may use them password_verify()
as such.
[pastacode manual=”%3C%3Fphp%0D%0A%2F%2F%20See%20the%20password_hash()%20example%20to%20see%20where%20this%20came%20from.%0D%0A%24hash%20%3D%20’%242y%2407%24BCryptRequires22Chrcte%2FVlQH0piJtjXl.0t1XkA8pw9dMXTpOq’%3B%0D%0A%0D%0Aif%20(password_verify(‘rasmuslerdorf’%2C%20%24hash))%20%7B%0D%0A%20%20%20%20echo%20’Password%20is%20valid!’%3B%0D%0A%7D%20else%20%7B%0D%0A%20%20%20%20echo%20’Invalid%20password.’%3B%0D%0A%7D%3F%3E” provider=”manual” lang=”php”/]