Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 7 years ago.
Improve this question
I just have a little question about the password_hash() function, does it create a ramdom salt for me? I mean I don't have to specify something like this:
'salt' => mcrypt_create_iv(22, MCRYPT_DEV_URANDOM)
Because I suppose that the function creates a random and different salt for EACH of the password?
Another question, if I use PASSWORD_DEFAULT in the function password_hash in this way : password_hash("rasmuslerdorf", PASSWORD_DEFAULT) is like to use password_hash("rasmuslerdorf", PASSWORD_BCRYPT) ?
Salt is automatically generated, but you can specify your own in the options.
As of PHP 5.5 the default algorithm is BCRYPT but it can change over time.
password_hash() will automatically generate a random salt each time it is called, unless you manually specify one in the third argument, $options.
PASSWORD_DEFAULT is equivalent to PASSWORD_BCRYPT as of PHP 5.5, however that may change in the future. You should NOT assume that PASSWORD_DEFAULT will always use the bcrypt algorithm in future versions of PHP.
According to the docs if you don't specify any salt it will generate a random one each time:
salt - to manually provide a salt to use when hashing the password.
Note that this will override and prevent a salt from being
automatically generated.
If omitted, a random salt will be generated by password_hash() for
each password hashed. This is the intended mode of operation.
http://php.net/manual/en/function.password-hash.php
From the very fine manual -
If omitted, a random salt will be generated by password_hash() for each password hashed. This is the intended mode of operation.
Additionally (your second question) more from the very fine manual -
PASSWORD_DEFAULT (integer)
The default algorithm to use for hashing if no algorithm is provided. This may change in newer PHP releases when newer, stronger hashing algorithms are supported.
...
Values for this constant:
PHP 5.5.0 - PASSWORD_BCRYPT
Related
This question already has answers here:
password_hash returns different value every time
(1 answer)
Using PHP 5.5's password_hash and password_verify function
(4 answers)
Closed 5 years ago.
I have a technical question regarding password_hash() & password_verify().
If I run a sample password through password_hash() many times, I get a different result each time. I guess that’s a Good Thing.
The question is how does password_verify() actually verify the candidate password if the actual hash keeps changing?
I ask this question here because it is PHP related.
For those who think this question is a duplicate:
This question is not a duplicated of the linked questions. I am aware that the value changes, and that password_verify_ works with that.
It is a question of how that happens.
As noted on the manual page for the password_hash() function,
The used algorithm, cost and salt are returned as part of the hash. Therefore, all information that's needed to verify the hash is included in it. This allows the password_verify() function to verify the hash without needing separate storage for the salt or algorithm information.
When the same inputs - algorithm, cost, salt and password - are fed into the password calculation, the same output will be generated. Thus, the password_verify() takes the algorithm, cost and salt from the original calculation, generates a new hash using the password being tested, and compares the previous result with the newly generated one. If they match, the verification succeeds, otherwise it's an error.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I have the code
echo password_hash( 'i=badatphp', PASSWORD_BCRYPT, [ 'cost' => 10 ] );
Every time I run the script the password changes
I'm using PHP 7, and in PHP 5 I used to be able to set a salt, but now I can't
How am I supposed to overcome not knowing what the salt is?
The reason you may see a new hash each time your run password_hash this way is because it will automatically generate a new random salt, which will result in a different hash even if the input password is the same.
While, as of PHP 7 the salt option is deprecated, it is definitely not removed from password_hash. Though, you should note that the reason it is deprecated is because it is planned for removal (probably in the next minor release of PHP). The reason it is planned for removal is because it discourages people from using inferior means of generating their salt. Since the function can generate good random salts for you automatically there's really very little reason to want to provide your own.
In any case, password_hash is just a thin wrapper over crypt, which exposes more of the primitives of the underlying API. So if you wanted to provide your own salt through crypt you still could. Though I highly discourage it when PHP can just do it for you with password_hash and in a manner which is not likely to result in error.
The used algorithm, cost and salt are returned as part of the hash. Therefore, all information that's needed to verify the hash is included in it. This allows the password_verify() function to verify the hash without needing separate storage for the salt or algorithm information.
http://php.net/manual/en/function.password-hash.php
As the docs state, the salt is generated and stored in the returned hash so there is no need to pass a salt to the function or to store it separately.
See this answer for a simple example of how to use password_hash.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
hi can anyone tell me how to use crypt() and and password_hash in php 5.6 please?
because i tried and it keeps on giving me this error
Notice: crypt(): No salt parameter was specified.
You must use a randomly generated salt and a strong hash function to produce a secure hash.
The usage is very straight forward, following example is summing it up:
// Hash a new password for storing in the database.
// The function automatically generates a cryptographically safe salt.
$hashToStoreInDb = password_hash($password, PASSWORD_DEFAULT);
// Check if the hash of the entered login password, matches the stored hash.
// The salt and the cost factor will be extracted from $existingHashFromDb.
$isPasswordCorrect = password_verify($password, $existingHashFromDb);
The password_hash() function is actually a wrapper around the crypt() function, to handle the difficult parts like generating a safe salt, and to make it future proof. So there is no need to call crypt() directly.
The function declaration is as follows:
string crypt ( string $str [, string $salt ] )
But the documentation notes this:
The salt parameter is optional. However, crypt() creates a weak password without the salt. PHP 5.6 or later raise an E_NOTICE error without it. Make sure to specify a strong enough salt for better security.
That is to say, you will just have to ignore the notice if you want to continue using the function without a salt (which would be dumb), or use a salt.
Note, however, that the documentation continues on to say this:
password_hash() uses a strong hash, generates a strong salt, and applies proper rounds automatically. password_hash() is a simple crypt() wrapper and compatible with existing password hashes. Use of password_hash() is encouraged.
(That last emphasis is mine.)
This question already has answers here:
Secure hash and salt for PHP passwords
(14 answers)
Which is the best password hashing algorithm for PHP? [duplicate]
(1 answer)
Closed 7 years ago.
Which are the most secure password hash algorithm(s) in PHP?
Speed is irrelevant because I'm iterating the hash over a fixed time (rather than a fixed number of iterations). What I'm interested in is the mathematical strength.
My intuition tells me it's whirlpool, being the largest and slowest of the bunch. That or SHA-512. Which is recommended by experts?
Are there any other algorithms which provide more than 512 bit hashes?
Use the function password_hash(). If you let it (by specifying PASSWORD_DEFAULT), it will choose the recommended algorithm, which currently is BCrypt. If the algorithm changes, you don't have to change the code. If you like, you can also explicitly choose this algorithm using the constant PASSWORD_BCRYPT, but that opposes the intention of automatically updating to better algorithms when they become available in future versions.
You can use password_verify() to verify the password.
PHP will add the used algorithm to the hash, as well as a salt, so it will know everything it needs to know for the verification. That way, when new algorithms become available in newer versions of PHP, they will be used automatically, and those passwords will have a stronger hash.
You can use password_needs_rehash() to check if a password needs to be rehashed, should the default ever change.
If a password validates, you can rehash it and store it. That way you will update old passwords with weaker hashes automatically when a user logs in.
scrypt is debateably the most secure hashing algorithm because it is RAM-limited and therefore difficult to parallelize. However, it is not natively supported by many, if any, current systems.
bcrypt is next. It has no current known cryptographic weaknesses, is widely supported, and has a broadly adjustable work factor. It is also the current default algorithm for password_hash().
Everything else is sub-par.
Unless you have a degree in cryptography do not roll your own hashing or cryptography scheme.
2023 Update
Worth noting that since PHP7.2 [Released Nov 2017] Argon2 hashing has been available to password_hash(), provided PHP was built with the relevant options. Specifically Argon2id allows the specification of both time and memory cost parameters, making potentially better than both bcrypt and scrypt.
This question already has an answer here:
password_hash() PASSWORD_DEFAULT PHP 5.5
(1 answer)
Closed 8 years ago.
On PHP's site here: http://php.net/manual/en/password.constants.php, this following is stated:
PASSWORD_DEFAULT (integer)
The default algorithm to use for hashing if no algorithm is provided. This may change in newer PHP releases when newer, stronger hashing algorithms are supported.
It is worth noting that over time this constant can (and likely will) change. Therefore you should be aware that the length of the resulting hash can change. Therefore, if you use PASSWORD_DEFAULT you should store the resulting hash in a way that can store more than 60 characters (255 is the recomended width).
How can this be? If someone sets their password, and the hash is set in the database, and then the method changes, they will not be able to get in, since the method will produce a different hash, will it not?
When you hash a password using the hash_password() function, information about the used algorithm and cost is included in the return string. Therefore, password_verify() can always check whether a provided password is valid given a certain hash.
See the docs for password_hash():
The used algorithm, cost and salt are returned as part of the hash. Therefore, all information that's needed to verify the hash is included in it. This allows the password_verify() function to verify the hash without needing separate storage for the salt or algorithm information.
There's also the function password_needs_rehash() which can be used to check whether a certain hash has been computed with an old algorithm, in which case a new hash has to be computed. Since at the time of a login the password is available as plaintext, you can (and should) at that moment rehash the password if needed.
The warning in the docs about the value changing over time is to make users aware that the length of the computed hash may change. However, the functions are intended to be backwards compatible with older (typically shorter) hashes.