This question already has answers here:
password_hash returns different value every time
(1 answer)
Using PHP 5.5's password_hash and password_verify function
(4 answers)
Closed 5 years ago.
I have a technical question regarding password_hash() & password_verify().
If I run a sample password through password_hash() many times, I get a different result each time. I guess that’s a Good Thing.
The question is how does password_verify() actually verify the candidate password if the actual hash keeps changing?
I ask this question here because it is PHP related.
For those who think this question is a duplicate:
This question is not a duplicated of the linked questions. I am aware that the value changes, and that password_verify_ works with that.
It is a question of how that happens.
As noted on the manual page for the password_hash() function,
The used algorithm, cost and salt are returned as part of the hash. Therefore, all information that's needed to verify the hash is included in it. This allows the password_verify() function to verify the hash without needing separate storage for the salt or algorithm information.
When the same inputs - algorithm, cost, salt and password - are fed into the password calculation, the same output will be generated. Thus, the password_verify() takes the algorithm, cost and salt from the original calculation, generates a new hash using the password being tested, and compares the previous result with the newly generated one. If they match, the verification succeeds, otherwise it's an error.
Related
This question already has answers here:
Double password_hash php
(2 answers)
Closed 5 years ago.
If I hash for example a password twice:
$psw1= password_hash($password,PASSWORD_DEFAULT);
$psw2=password_hash($psw1,PASSWORD_DEFAULT);
Is this more secure or it this just useless?
P.S.: I am new to php
This will prevent you from verifying the password, since you won't be able to reproduce the first hash, since you've discarded the random salt of the first hash. Instead, to increase security of a single hash, simply adjust its cost factor:
password_hash($password, PASSWORD_DEFAULT, ['cost' => 12])
The higher the cost, the more rounds of hashing will be done. Pick a cost that doesn't slow the process down too much, but isn't too low either. In fact, you should keep increasing the cost factor over time as better server hardware becomes available, and rehash your users passwords over time with the stronger algorithm. That's specifically what password_needs_rehash is for.
I think is useless since once hashed it's impossible to know what the real value was...at least teorically speaking.
I suggest using strong hash functions like sha512 or ripemd320 since there are not much publicy available databases where hashed passwords are stored.
If you want to know more I've found an old question on stackoverflow with good answers : PHP dehashing the password
This question already has an answer here:
Trying to understand password_verify PHP
(1 answer)
Closed 5 years ago.
I use PHP's password_hash and bcrypt algorithm to hash my passwords. They are in MySQL database.
password_hash($password, PASSWORD_BCRYPT);
As obvious every hash generated by this function is different. But is it really necessary, to identify user by email/login or something to grab his hash from database and then verify it with PHP's password_verify()?
Is it really necessary to make this query and then check?
I mean, is it possible to check hash before, and after only do query to check if it matches this one in MySQL?
Or something else maybe? I remember years ago I used something like checking inside query, like
WHERE login = $login and pass = PASSWORD($password)
Especially I mean this PASSWORD($password)?
Is there other option than fetch user's hash from Database and then verify this hash with password_verify()?
Yes, it's necessary. You need the unique salt generated during hashing, encoded as part of the hash, to do the comparison. That's also exactly why this algorithm is so strong for password storage.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I have the code
echo password_hash( 'i=badatphp', PASSWORD_BCRYPT, [ 'cost' => 10 ] );
Every time I run the script the password changes
I'm using PHP 7, and in PHP 5 I used to be able to set a salt, but now I can't
How am I supposed to overcome not knowing what the salt is?
The reason you may see a new hash each time your run password_hash this way is because it will automatically generate a new random salt, which will result in a different hash even if the input password is the same.
While, as of PHP 7 the salt option is deprecated, it is definitely not removed from password_hash. Though, you should note that the reason it is deprecated is because it is planned for removal (probably in the next minor release of PHP). The reason it is planned for removal is because it discourages people from using inferior means of generating their salt. Since the function can generate good random salts for you automatically there's really very little reason to want to provide your own.
In any case, password_hash is just a thin wrapper over crypt, which exposes more of the primitives of the underlying API. So if you wanted to provide your own salt through crypt you still could. Though I highly discourage it when PHP can just do it for you with password_hash and in a manner which is not likely to result in error.
The used algorithm, cost and salt are returned as part of the hash. Therefore, all information that's needed to verify the hash is included in it. This allows the password_verify() function to verify the hash without needing separate storage for the salt or algorithm information.
http://php.net/manual/en/function.password-hash.php
As the docs state, the salt is generated and stored in the returned hash so there is no need to pass a salt to the function or to store it separately.
See this answer for a simple example of how to use password_hash.
This question already has an answer here:
password_hash() PASSWORD_DEFAULT PHP 5.5
(1 answer)
Closed 8 years ago.
On PHP's site here: http://php.net/manual/en/password.constants.php, this following is stated:
PASSWORD_DEFAULT (integer)
The default algorithm to use for hashing if no algorithm is provided. This may change in newer PHP releases when newer, stronger hashing algorithms are supported.
It is worth noting that over time this constant can (and likely will) change. Therefore you should be aware that the length of the resulting hash can change. Therefore, if you use PASSWORD_DEFAULT you should store the resulting hash in a way that can store more than 60 characters (255 is the recomended width).
How can this be? If someone sets their password, and the hash is set in the database, and then the method changes, they will not be able to get in, since the method will produce a different hash, will it not?
When you hash a password using the hash_password() function, information about the used algorithm and cost is included in the return string. Therefore, password_verify() can always check whether a provided password is valid given a certain hash.
See the docs for password_hash():
The used algorithm, cost and salt are returned as part of the hash. Therefore, all information that's needed to verify the hash is included in it. This allows the password_verify() function to verify the hash without needing separate storage for the salt or algorithm information.
There's also the function password_needs_rehash() which can be used to check whether a certain hash has been computed with an old algorithm, in which case a new hash has to be computed. Since at the time of a login the password is available as plaintext, you can (and should) at that moment rehash the password if needed.
The warning in the docs about the value changing over time is to make users aware that the length of the computed hash may change. However, the functions are intended to be backwards compatible with older (typically shorter) hashes.
This question already has answers here:
Secure hash and salt for PHP passwords
(14 answers)
Closed 8 years ago.
Is there an advantage as to where password hash and salt occurs, in PHP vs in a database? It seems having the process occur inside of a database would be the optimal solution; since the web server and the database would only have to exchange the password and not the salt.
It's okay to store the salt in the database. It's an advantage to do so, because you want to use a different random salt per user.
I recommend doing the hashing in the application.
The reason is that if you do the hashing in an SQL expression, and you use query logging on the database server, you might be storing plaintext samples of the user passwords in the query log.
If you're using something better than a simple hash + salt, like PBKDF2, you're going to have to involve PHP at this point AFAIK. So in terms of best location, for me, the best location is in the code because that's where you can do the "best" method of password hashing.