Welcome Guest, Not a member yet? Register   Sign In
Password hashing
#8

(08-13-2015, 06:04 AM)ivantcholakov Wrote: @ardavan

Your code is wrong.
Place the following code within a page, reload it several times and you will find out why.


Code:
echo '<br />';

$password = 'test';

$password_h = password_hash($password, PASSWORD_BCRYPT);
// Note that every time a hash is produced,
// it is different than the previous one.
// It is for prevention dictionary attacks.
echo $password_h;

echo '<br />';

$password_at_login = 'test';

$success = password_verify($password_at_login, $password_h);
var_dump($success);

echo '<br />';

@ivantcholakov 

wait wait...
You said every time the hash will change...!
 
I think totally i got wrongly because I've saved the hashed password after register inside the DB.

correct me if I'm wrong : So I've to save the standard chars inside the DB AND i should use password_hash() & password_verify() for login.
Reply


Messages In This Thread
Password hashing - by ardavan - 08-12-2015, 07:35 AM
RE: Password hashing - by CroNiX - 08-12-2015, 07:51 AM
RE: Password hashing - by mariek - 08-12-2015, 08:25 AM
RE: Password hashing - by Narf - 08-12-2015, 09:26 AM
RE: Password hashing - by ardavan - 08-13-2015, 04:28 AM
RE: Password hashing - by pdthinh - 08-13-2015, 05:48 AM
RE: Password hashing - by ivantcholakov - 08-13-2015, 06:04 AM
RE: Password hashing - by ardavan - 08-13-2015, 07:11 AM
RE: Password hashing - by Narf - 08-13-2015, 07:15 AM
RE: Password hashing - by ardavan - 08-13-2015, 07:46 AM
RE: Password hashing - by Narf - 08-13-2015, 08:02 AM
RE: Password hashing - by ardavan - 08-22-2015, 09:56 PM
RE: Password hashing - by mwhitney - 08-24-2015, 07:28 AM



Theme © iAndrew 2016 - Forum software by © MyBB