Antnee/password_hash_cost_calculator.php

## password_hash_cost_calculator.php
<?php
/**
 * Password Hash Cost Calculator
 *
 * Set the ideal time that you want a password_hash() call to take and this
 * script will keep testing until it finds the ideal cost value and let you
 * know what to set it to when it has finished
 */

// Milliseconds that a hash should take (ideally)
$mSec = 100;

$password = 'MyT3ST_P4$$w0rD';

echo "\nPassword Hash Cost Calculator\n\n";
echo "Testing BCRYPT hashing the password '$password'\n\n";
echo "We're going to run until the time to generate the hash takes longer than {$mSec}ms\n";

$cost = 3;
do {
    $cost++;
    echo "\nTesting cost value of $cost: ";
    $time = benchmark($password, $cost);
    echo "... took $time";
} while ($time < ($mSec/1000));

echo "\n\nIdeal cost is $cost\n";
echo "\nRunning 100 times to check the average:\n";

$start = microtime(true);
$times = [];
for ($i=1;$i<=100;$i++) {
    echo "\r$i/100";
    $times[] = benchmark($password, $cost);
}

echo "\n\ndone benchmarking in ".(microtime(true)-$start)."\n";

echo "\nSlowest time: ".max($times);
echo "\nFastest time: ".min($times);
echo "\nAverage time: ".(array_sum($times)/count($times));

echo "\n\nFinished\n";


function benchmark($password, $cost=4)
{
    $start = microtime(true);
    password_hash($password, PASSWORD_BCRYPT, ['cost'=>$cost]);
    return microtime(true) - $start;
}
	<?php
	/**
	* Password Hash Cost Calculator
	*
	* Set the ideal time that you want a password_hash() call to take and this
	* script will keep testing until it finds the ideal cost value and let you
	* know what to set it to when it has finished
	*/

	// Milliseconds that a hash should take (ideally)
	$mSec = 100;

	$password = 'MyT3ST_P4$$w0rD';

	echo "\nPassword Hash Cost Calculator\n\n";
	echo "Testing BCRYPT hashing the password '$password'\n\n";
	echo "We're going to run until the time to generate the hash takes longer than {$mSec}ms\n";

	$cost = 3;
	do {
	$cost++;
	echo "\nTesting cost value of $cost: ";
	$time = benchmark($password, $cost);
	echo "... took $time";
	} while ($time < ($mSec/1000));

	echo "\n\nIdeal cost is $cost\n";
	echo "\nRunning 100 times to check the average:\n";

	$start = microtime(true);
	$times = [];
	for ($i=1;$i<=100;$i++) {
	echo "\r$i/100";
	$times[] = benchmark($password, $cost);
	}

	echo "\n\ndone benchmarking in ".(microtime(true)-$start)."\n";

	echo "\nSlowest time: ".max($times);
	echo "\nFastest time: ".min($times);
	echo "\nAverage time: ".(array_sum($times)/count($times));

	echo "\n\nFinished\n";


	function benchmark($password, $cost=4)
	{
	$start = microtime(true);
	password_hash($password, PASSWORD_BCRYPT, ['cost'=>$cost]);
	return microtime(true) - $start;
	}