Securing PHP Page Access

In this blog, you will learn how to encrypt the password using bcrypt password hash method. Always Use bcrypt for storing passwords in PHP it’s encrypted and safe.

bcrypt is a password hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher, and presented at USENIX in 1999.

How to use bcrypt for storing passwords in PHP:

You may now use password_hash() method to create a bcrypt hash of any password:
[pastacode manual=”%3C%3Fphp%0D%0A%2F%2F%20Usage%201%3A%0D%0Aecho%20password_hash(‘rasmuslerdorf’%2C%20PASSWORD_DEFAULT).%22%5Cn%22%3B%0D%0A%2F%2F%20%242y%2410%24xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%0D%0A%2F%2F%20For%20example%3A%0D%0A%2F%2F%20%242y%2410%24.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a%0D%0A%0D%0A%2F%2F%20Usage%202%3A%0D%0A%24options%20%3D%20%5B%0D%0A%20%20’cost’%20%3D%3E%2011%0D%0A%5D%3B%0D%0Aecho%20password_hash(‘rasmuslerdorf’%2C%20PASSWORD_BCRYPT%2C%20%24options).%22%5Cn%22%3B%0D%0A%2F%2F%20%242y%2411%246DP.V0nO7YI3iSki4qog6OQI5eiO6Jnjsqg7vdnb.JgGIsxniOn4C%20%3F%3E” provider=”manual” lang=”php”/]
To verify a user-provided password against an existing hash, you may use them password_verify()as such.
[pastacode manual=”%3C%3Fphp%0D%0A%2F%2F%20See%20the%20password_hash()%20example%20to%20see%20where%20this%20came%20from.%0D%0A%24hash%20%3D%20’%242y%2407%24BCryptRequires22Chrcte%2FVlQH0piJtjXl.0t1XkA8pw9dMXTpOq’%3B%0D%0A%0D%0Aif%20(password_verify(‘rasmuslerdorf’%2C%20%24hash))%20%7B%0D%0A%20%20%20%20echo%20’Password%20is%20valid!’%3B%0D%0A%7D%20else%20%7B%0D%0A%20%20%20%20echo%20’Invalid%20password.’%3B%0D%0A%7D%3F%3E” provider=”manual” lang=”php”/]

Leave a Reply

Your email address will not be published. Required fields are marked *

%d