// To hash the password, use
password_hash("MySuperSafePassword!", PASSWORD_DEFAULT)
// To compare hash with plain text, use
password_verify("MySuperSafePassword!", $hashed_password)
$password = 'test123';
/*
Always use salt for security reasons.
I'm using the BCRYPT algorithm use any valid one you like.
*/
$options['salt'] = 'usesomesillystringforsalt';
$options['cost'] = 3;
echo password_hash($password, PASSWORD_BCRYPT, $options)
<?php
/**
* We just want to hash our password using the current DEFAULT algorithm.
* This is presently BCRYPT, and will produce a 60 character result.
*
* Beware that DEFAULT may change over time, so you would want to prepare
* By allowing your storage to expand past 60 characters (255 would be good)
*/
echo password_hash("rasmuslerdorf", PASSWORD_DEFAULT);
?>
<?php
/**
* In this case, we want to increase the default cost for BCRYPT to 12.
* Note that we also switched to BCRYPT, which will always be 60 characters.
*/
$options = [
'cost' => 12,
];
echo password_hash("rasmuslerdorf", PASSWORD_BCRYPT, $options);
?>
/* New password. */
$password = $_POST['password'];
/* Remember to validate the password. */
/* Create the new password hash. */
$hash = password_hash($password, PASSWORD_DEFAULT);
<?php
/**
* We just want to hash our password using the current DEFAULT algorithm.
* This is presently BCRYPT, and will produce a 60 character result.
*
* Beware that DEFAULT may change over time, so you would want to prepare
* By allowing your storage to expand past 60 characters (255 would be good)
* Other algorithms such as PASSWORD_BCRYPT and PASSWORD_ARGON2ID may be used
* instead of PASSWORD_DEFAULT
*/
echo password_hash("rasmuslerdorf", PASSWORD_DEFAULT);
?>