I developed my site using XAMPP with php 5.5 installed. I just realize that my host only has php 5.4 (cannot update to 5.5 yet). My problem is that I cannot use the new php 5.5 password_hash()
feature. Is there an equivalent method for hashing with salt for php 5.4?
Is there a way to get this equivalent code (below) to work in php 5.4?
$options = [
'salt' => uniqid(mt_rand(), true),
'cost' => 12
];
$hash = password_hash($mypassword, PASSWORD_DEFAULT, $options);
password_hash() creates a new password hash using a strong one-way hashing algorithm. The following algorithms are currently supported: PASSWORD_DEFAULT - Use the bcrypt algorithm (default as of PHP 5.5. 0). Note that this constant is designed to change over time as new and stronger algorithms are added to PHP.
It is a one-way algorithm, in that you don't decrypt it to validate it, you simply pass the original string in with your password and if it generates the same hash for the provided password, you're authenticated. It's best to omit the salt and let it generate one for you.
The result hash from password_hash() is secure because: It uses a strong hashing algorithm. It adds a random salt to prevent rainbow tables and dictionary attacks.
Commonly used hashing algorithms include Message Digest (MDx) algorithms, such as MD5, and Secure Hash Algorithms (SHA), such as SHA-1 and the SHA-2 family that includes the widely used SHA-256 algorithm.
Use password_compat. It's a backward compatible library to emulate password_hash()
in older versions of PHP (5.3.7+).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With