Menu
I'm trying to use this hashing function but each time I reload the page it gives me a different string, except for the first 7 characters.
<?php
require("lib/password.php")
$pass = $_POST['input_password'];
echo 'Received: '.$pass.'<br />';
$passwordHash = 'default';
$passwordHash = password_hash(trim($pass), PASSWORD_DEFAULT, ["cost" => 11]);
echo 'Password hash is '.$passwordHash;
For example I pass over aaa and get the hashes
$2y$11$1Ll4twbmFNWhVxBOCeDWhOtZ4WchW.GYXK3LSH9BnW6AhXf45soWq
$2y$11$H0dmOkkq3rSgggDbGueRPusODmkZrrFqG7I/R1B0tFTQEYGHB0iZi
$2y$11$z0pFOoFsD5Bk0sx2TiT3kOd2awAwDBQAsQaxlDq11kNH.ldaS1qw2
I'm using WAMP Server 2.2 on Windows 7 64 bit and Firefox 17.
619
This process generates an output, called a hash value, of a fixed length. A hash function is deterministic, meaning that, regardless of the size of the input, the output will always be the same size.
This means that no matter what combination of symbols are used as the input, they will always produce a one-of-a-kind string of digits and characters. Hashing is a method for cryptographically encoding data. It produces a fixed-length output from any input. The same input always produces the same hash.
If the hash values for the original and copy are different, then the copy is not identical to the original. If the hash values for the original and copy are the same, it is highly improbable that the original and copy are not identical.
Hashing works in one direction only – for a given piece of data, you'll always get the same hash BUT you can't turn a hash back into its original data.
That hash algorithm uses a random salt each time. It's designed to be different each time, even with the same input.
To check passwords, use the password_verify function included in that library.
Note: The $2y$11$ at the beginning specifies the algorithm and cost used to generate the hash.
82
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
