How do you use bcrypt for hashing passwords in PHP

Question

Every now and then I hear the advice  Use bcrypt for storing passwords in PHP  bcrypt rules    But what is bcrypt  PHP doesn t offer any such functions  Wikipedia babbles about a file-encryption utility and Web searches just reveal a few implementations of Blowfish in different languages  Now Blowfish is also available in PHP via mcrypt  but how does that help with storing passwords  Blowfish is a general purpose cipher  it works two ways  If it could be encrypted  it can be decrypted  Passwords need a one-way hashing function   What is the explanation

User · Answer

Here s an updated answer to this old question   The right way to hash passwords in PHP since 5 5 is with password hash    and the right way to verify them is with password verify    and this is still true in PHP 8 0  These functions use bcrypt hashes by default  but other stronger algorithms have been added  You can alter the work factor  effectively how  strong  the encryption is  via the password hash parameters   However  while it s still plenty strong enough  bcrypt is no longer considered state-of-the-art  a better set of password hash algorithms has arrived called Argon2  with Argon2i  Argon2d  and Argon2id variants  The difference between them  as described here       Argon2 has one primary variant  Argon2id  and two supplementary variants  Argon2d and Argon2i  Argon2d uses data-depending memory access  which makes it suitable for cryptocurrencies and proof-of-work applications with no threats from side-channel timing attacks  Argon2i uses data-independent memory access  which is preferred for password hashing and password-based key derivation  Argon2id works as Argon2i for the first half of the first iteration over the memory  and as Argon2d for the rest  thus providing both side-channel attack protection and brute-force cost savings due to time-memory tradeoffs    Argon2i support was added in PHP 7 2  and you request it like this    hash   password hash  mypassword   PASSWORD ARGON2I     and Argon2id support was added in PHP 7 3    hash   password hash  mypassword   PASSWORD ARGON2ID     No changes are required for verifying passwords since the resulting hash string contains information about what algorithm  salt  and work factors were used when it was created   Quite separately  and somewhat redundantly   libsodium  added in PHP 7 2  also provides Argon2 hashing via the sodium crypto pwhash str    and sodium crypto pwhash str verify   functions  which work much the same way as the PHP built-ins  One possible reason for using these is that PHP may sometimes be compiled without libargon2  which makes the Argon2 algorithms unavailable to the password hash function  PHP 7 2 and higher should always have libsodium enabled  but it may not - but at least there are two ways you can get at that algorithm  Here s how you can create an Argon2id hash with libsodium  even in PHP 7 2  which otherwise lacks Argon2id support      hash   sodium crypto pwhash str       mypassword       SODIUM CRYPTO PWHASH OPSLIMIT INTERACTIVE      SODIUM CRYPTO PWHASH MEMLIMIT INTERACTIVE      Note that it doesn t allow you to specify a salt manually  this is part of libsodium s ethos     don t allow users to set params to values that might compromise security     for example there is nothing preventing you from passing an empty salt string to PHP s password hash function  libsodium doesn t let you do anything so silly

User · Answer

bcrypt is a hashing algorithm which is scalable with hardware  via a configurable number of rounds   Its slowness and multiple rounds ensures that an attacker must deploy massive funds and hardware to be able to crack your passwords  Add to that per-password salts  bcrypt REQUIRES salts  and you can be sure that an attack is virtually unfeasible without either ludicrous amount of funds or hardware   bcrypt uses the Eksblowfish algorithm to hash passwords  While the encryption phase of Eksblowfish and Blowfish are exactly the same  the key schedule phase of Eksblowfish ensures that any subsequent state depends on both salt and key  user password   and no state can be precomputed without the knowledge of both  Because of this key difference  bcrypt is a one-way hashing algorithm  You cannot retrieve the plain text password without already knowing the salt  rounds and key  password    Source   How to use bcrypt   Using PHP    5 5-DEV  Password hashing functions have now been built directly into PHP    5 5  You may now use password hash   to create a bcrypt hash of any password    lt  php    Usage 1  echo password hash  rasmuslerdorf   PASSWORD DEFAULT    n       2y 10 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx    For example      2y 10  vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a     Usage 2   options        cost    gt  11    echo password hash  rasmuslerdorf   PASSWORD BCRYPT   options    n       2y 11 6DP V0nO7YI3iSki4qog6OQI5eiO6Jnjsqg7vdnb JgGIsxniOn4C   To verify a user provided password against an existing hash  you may use the password verify   as such    lt  php    See the password hash   example to see where this came from   hash     2y 07 BCryptRequires22Chrcte VlQH0piJtjXl 0t1XkA8pw9dMXTpOq    if  password verify  rasmuslerdorf    hash         echo  Password is valid      else       echo  Invalid password        Using PHP    5 3 7   lt  5 5-DEV  also RedHat PHP    5 3 3   There is a compatibility library on GitHub created based on the source code of the above functions originally written in C  which  provides the same functionality  Once the compatibility library is installed  usage is the same as above  minus the shorthand array notation if you are still on the 5 3 x branch    Using PHP  lt  5 3 7  DEPRECATED   You can use crypt   function to generate bcrypt hashes of input strings  This class can automatically generate salts and verify existing hashes against an input  If you are using a version of PHP higher or equal to 5 3 7  it is highly recommended you use the built-in function or the compat library  This alternative is provided only for historical purposes   class Bcrypt    private  rounds     public function   construct  rounds   12        if  CRYPT BLOWFISH    1          throw new Exception  bcrypt not supported in this installation  See http   php net crypt                this- gt rounds    rounds         public function hash  input        hash   crypt  input   this- gt getSalt          if  strlen  hash   gt  13        return  hash       return false         public function verify  input   existingHash        hash   crypt  input   existingHash        return  hash      existingHash         private function getSalt         salt   sprintf   2a  02d     this- gt rounds         bytes    this- gt getRandomBytes 16         salt     this- gt encodeBytes  bytes        return  salt         private  randomState    private function getRandomBytes  count        bytes            if  function exists  openssl random pseudo bytes    amp  amp           strtoupper substr PHP OS  0  3        WIN         OpenSSL is slow on Windows        bytes   openssl random pseudo bytes  count              if   bytes         amp  amp  is readable   dev urandom    amp  amp           hRand    fopen   dev urandom    rb        FALSE           bytes   fread  hRand   count         fclose  hRand              if  strlen  bytes   lt   count           bytes              if   this- gt randomState     null             this- gt randomState   microtime            if  function exists  getmypid                 this- gt randomState    getmypid                             for   i   0   i  lt   count   i    16             this- gt randomState   md5 microtime      this- gt randomState            if  PHP VERSION  gt    5                bytes    md5  this- gt randomState  true             else              bytes    pack  H    md5  this- gt randomState                              bytes   substr  bytes  0   count              return  bytes         private function encodeBytes  input          The following is code from the PHP Password Hashing Framework      itoa64      ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789         output            i   0      do          c1   ord  input  i             output     itoa64  c1  gt  gt  2          c1     c1  amp  0x03   lt  lt  4        if   i  gt   16             output     itoa64  c1           break                  c2   ord  input  i             c1     c2  gt  gt  4         output     itoa64  c1          c1     c2  amp  0x0f   lt  lt  2          c2   ord  input  i             c1     c2  gt  gt  6         output     itoa64  c1          output     itoa64  c2  amp  0x3f         while  true        return  output          You can use this code like this    bcrypt   new Bcrypt 15     hash    bcrypt- gt hash  password     isGood    bcrypt- gt verify  password    hash     Alternatively  you may also use the Portable PHP Hashing Framework

User · Answer

For OAuth 2 passwords    bcrypt   new  Zend Crypt Password Bcrypt   bcrypt- gt create  youpasswordhere   10

User · Answer

You ll get a lot of information in Enough With The Rainbow Tables  What You Need To Know About Secure Password Schemes or Portable PHP password hashing framework   The goal is to hash the password with something slow  so someone getting your password database will die trying to brute force it  a 10 nbsp ms delay to check a password is nothing for you  a lot for someone trying to brute force it   Bcrypt is slow and can be used with a parameter to choose how slow it is

User · Answer

As we all know storing password in clear text in database is not secure  the bcrypt is a hashing password technique It is used to built password security  one of the amazing function of bcrypt is it save us from hackers it is used to protect the password from hacking attacks because the password is stored in bcrypted form   the password hash   function is used to create a new password hash  It uses a strong  amp  robust hashing algorithm The password hash   function is very much compatible with the crypt   function  Therefore  password hashes created by crypt   may be used with password hash   and vice-versa  The functions password verify   and password hash   just the wrappers around the function crypt    and they make it much easier to use it accurately   SYNTAX     string password hash  password    algo    options    The following algorithms are currently supported by password hash   function   PASSWORD DEFAULT PASSWORD BCRYPT PASSWORD ARGON2I PASSWORD ARGON2ID  Parameters  This function accepts three parameters as mentioned above and described below   password  It stores the password of the user  algo  It is the password algorithm constant that is used continuously while denoting the algorithm which is to be used when the hashing of password takes place  options  It is an associative array  which contains the options  If this is removed and doesn   t include  a random salt is going to be used  and the utilization of a default cost will happen  Return Value  It returns the hashed password on success or False on failure   Example      Input   echo password hash  GFG 123   PASSWORD DEFAULT     Output    2y 10  vGA19Jh8YrwSJFDodbfoHJIOFH DfhuofGv3Fykk1a   Below programs illustrate the password hash   function in PHP       lt  php   echo password hash  GFG 123   PASSWORD DEFAULT     gt    OUTPUT      2y 10 Z166W1fBdsLcXPVQVfPw uRq1ueWMA6sLt9bmdUFz9AmOGLdM393G

User · Answer

The password hash   function in PHP is an inbuilt function   used to create a new password hash with different algorithms and options  the function uses a strong hashing algorithm  the function take 2 mandetory parametres   password and   algorithm   and 1 optional parameter   options    strongPassword   password hash   password   algorithm   options    Algoristrong textthms allowed right now for password hash   are    PASSWORD DEFAULT  PASSWORD BCRYPT  ASSWORD ARGON2I  PASSWORD ARGON2ID    example   echo password hash  quot abcDEF quot   PASSWORD DEFAULT   answer    2y 10 KwKceUaG84WInAif5ehdZOkE4kHPWTLp0ZK5a5OU2EbtdwQ9YIcGy  example   echo password hash  abcDEF   PASSWORD BCRYPT    answer   2y 10 SNly5bFzB R6OVbBMq1bj yiOZdsk6Mwgqi4BLR2sqdCvMyv AyL2  to use the BCRYPT as password  use option cost  12 in an array   also change  1st parameter  password to some strong password like  quot wgt167yuWBGY  1987   quot  Example  echo password hash  quot wgt167yuWBGY  1987   quot   PASSWORD BCRYPT    cost    gt  12    Answer    2y 12 TjSggXiFSidD63E QP8PJOds2texJfsk 82VaNU8XRZ niZhzkJ6S

User · Answer

Version 5 5 of PHP will have built-in support for BCrypt  the functions password hash   and password verify    Actually these are just wrappers around the function crypt    and shall make it easier to use it correctly  It takes care of the generation of a safe random salt  and provides good default values   The easiest way to use this functions will be    hashToStoreInDb   password hash  password  PASSWORD BCRYPT    isPasswordCorrect   password verify  password   existingHashFromDb     This code will hash the password with BCrypt  algorithm 2y   generates a random salt from the OS random source  and uses the default cost parameter  at the moment this is 10   The second line checks  if the user entered password matches an already stored hash-value   Should you want to change the cost parameter  you can do it like this  increasing the cost parameter by 1  doubles the needed time to calculate the hash value    hash   password hash  password  PASSWORD BCRYPT  array  cost    gt  11      In contrast to the  cost  parameter  it is best to omit the  salt  parameter  because the function already does its best to create a cryptographically safe salt   For PHP version 5 3 7 and later  there exists a compatibility pack  from the same author that made the password hash   function  For PHP versions before 5 3 7 there is no support for crypt   with 2y  the unicode safe BCrypt algorithm  One could replace it instead with 2a  which is the best alternative for earlier PHP versions

User · Answer

Current thinking  hashes should be the slowest available  not the fastest possible  This suppresses rainbow table attacks   Also related  but precautionary  An attacker should never have unlimited access to your login screen  To prevent that  Set up an IP address tracking table that records every hit along with the URI  If more than 5 attempts to login come from the same IP address in any five minute period  block with explanation  A secondary approach is to have a two-tiered password scheme  like banks do  Putting a lock-out for failures on the second pass boosts security   Summary  slow down the attacker by using time-consuming hash functions  Also  block on too many accesses to your login  and add a second password tier

User · Answer

Edit  2013 01 15 - If your server will support it  use martinstoeckli s solution instead     Everyone wants to make this more complicated than it is  The crypt   function does most of the work   function blowfishCrypt  password  cost         chars    ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789        salt sprintf   2y  02d    cost     For PHP  lt  PHP 5 3 7 use this instead        salt sprintf   2a  02d    cost         Create a 22 character salt -edit- 2013 01 15 - replaced rand with mt rand     mt srand        for  i 0  i lt 22  i     salt   chars mt rand 0 63        return crypt  password  salt       Example    hash blowfishCrypt  password  10     This creates the hash  hash blowfishCrypt  password  12     This creates a more secure hash if crypt  password   hash    hash     ok       This checks a password   I know it should be obvious  but please don t use  password  as your password

User · Answer

So  you want to use bcrypt  Awesome  However  like other areas of cryptography  you shouldn t be doing it yourself  If you need to worry about anything like managing keys  or storing salts or generating random numbers  you re doing it wrong   The reason is simple  it s so trivially easy to screw up bcrypt  In fact  if you look at almost every piece of code on this page  you ll notice that it s violating at least one of these common problems   Face It  Cryptography is hard   Leave it for the experts  Leave it for people whose job it is to maintain these libraries  If you need to make a decision  you re doing it wrong   Instead  just use a library  Several exist depending on your requirements   Libraries  Here is a breakdown of some of the more common APIs   PHP 5 5 API -  Available for 5 3 7    Starting in PHP 5 5  a new API for hashing passwords is being introduced  There is also a shim compatibility library maintained  by me  for 5 3 7   This has the benefit of being a peer-reviewed and simple to use implementation   function register  username   password         hash   password hash  password  PASSWORD BCRYPT       save  username   hash      function login  username   password         hash   loadHashByUsername  username       if  password verify  password   hash               login       else              failure           Really  it s aimed to be extremely simple   Resources    Documentation  on PHP net Compatibility Library  on GitHub PHP s RFC  on wiki php net   Zend Crypt Password Bcrypt  5 3 2    This is another API that s similar to the PHP 5 5 one  and does a similar purpose    function register  username   password         bcrypt   new Zend Crypt Password Bcrypt         hash    bcrypt- gt create  password       save  user   hash      function login  username   password         hash   loadHashByUsername  username        bcrypt   new Zend Crypt Password Bcrypt        if   bcrypt- gt verify  password   hash               login       else              failure           Resources    Documentation  on Zend Blog Post  Password Hashing With Zend Crypt   PasswordLib  This is a slightly different approach to password hashing  Rather than simply supporting bcrypt  PasswordLib supports a large number of hashing algorithms  It s mainly useful in contexts where you need to support compatibility with legacy and disparate systems that may be outside of your control  It supports a large number of hashing algorithms  And is supported 5 3 2   function register  username   password         lib   new PasswordLib PasswordLib         hash    lib- gt createPasswordHash  password    2y    array  cost    gt  12        save  user   hash      function login  username   password         hash   loadHashByUsername  username        lib   new PasswordLib PasswordLib        if   lib- gt verifyPasswordHash  password   hash               login       else              failure           References    Source Code   Documentation  GitHub   PHPASS  This is a layer that does support bcrypt  but also supports a fairly strong algorithm that s useful if you do not have access to PHP    5 3 2    It actually supports PHP 3 0   although not with bcrypt    function register  username   password         phpass   new PasswordHash 12  false        hash    phpass- gt HashPassword  password       save  user   hash      function login  username   password         hash   loadHashByUsername  username        phpass   new PasswordHash 12  false       if   phpass- gt CheckPassword  password   hash               login       else              failure           Resources   Code  cvsweb Project Site  on OpenWall A review of the  lt  5 3 0 algorithm  on StackOverflow   Note  Don t use the PHPASS alternatives that are not hosted on openwall  they are different projects     About BCrypt  If you notice  every one of these libraries returns a single string  That s because of how BCrypt works internally  And there are a TON of answers about that  Here are a selection that I ve written  that I won t copy paste here  but link to    Fundamental Difference Between Hashing And Encryption Algorithms - Explaining the terminology and some basic information about them  About reversing hashes without rainbow tables - Basically why we should use bcrypt in the first place    Storing bcrypt Hashes - basically why is the salt and algorithm included in the hash result  How to update the cost of bcrypt hashes - basically how to choose and then maintain the cost of the bcrypt hash  How to hash long passwords with bcrypt - explaining the 72 character password limit of bcrypt  How bcrypt uses salts Best practices of salting and peppering passwords - Basically  don t use a  pepper  Migrating old md5 passwords to bcrypt   Wrap Up  There are many different choices  Which you choose is up to you  However  I would HIGHLY recommend that you use one of the above libraries for handling this for you    Again  if you re using crypt   directly  you re probably doing something wrong  If your code is using hash    or md5   or sha1    directly  you re almost definitely doing something wrong   Just use a library

User · Answer

You can create a one-way hash with bcrypt using PHP s crypt   function and passing in an appropriate Blowfish salt  The most important of the whole equation is that A  the algorithm hasn t been compromised and B  you properly salt each password  Don t use an application-wide salt  that opens up your entire application to attack from a single set of Rainbow tables    PHP - Crypt Function

[php] How do you use bcrypt for hashing passwords in PHP?

Examples related to php

Examples related to passwords

Examples related to cryptography

Examples related to password-protection

Examples related to bcrypt