d3spi
/ bcrypt.php
Created
February 6, 2018 22:09
— forked from dzuelke/bcrypt.php
How to use bcrypt in PHP to safely store passwords (PHP 5.3+ only)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // secure hashing of passwords using bcrypt, needs PHP 5.3+ | |
| // see http://codahale.com/how-to-safely-store-a-password/ | |
| // salt for bcrypt needs to be 22 base64 characters (but just [./0-9A-Za-z]), see http://php.net/crypt | |
| $salt = substr(strtr(base64_encode(openssl_random_pseudo_bytes(22)), '+', '.'), 0, 22); | |
| // 2y is the bcrypt algorithm selector, see http://php.net/crypt | |
| // 12 is the workload factor (around 300ms on my Core i7 machine), see http://php.net/crypt |