ss23/gist:774360

## gistfile1.php
<?php

$Password = 'SuperSecurePassword123';

// These only work for CRYPT_SHA512, but it should give you an idea of how crypt() works.
$Salt = uniqid(); // Could use the second parameter to give it more entropy.
$Algo = '6'; // This is CRYPT_SHA512 as shown on http://php.net/crypt
$Rounds = '5000'; // The more, the more secure it is!

// This is the "salt" string we give to crypt().
$CryptSalt = '$' . $Algo . '$rounds=' . $Rounds . '$' . $Salt;

$HashedPassword = crypt($Password, $CryptSalt);
echo "Generated a hashed password: " . $HashedPassword . "\n";


// Now, what about checking if a password is the right password?
if (crypt($Password, $HashedPassword) == $HashedPassword) {
    echo "Hashed Password matched Password";
}

if (crypt('WrongPasssword123', $HashedPassword) == $HashedPassword) {
    echo "Something isn't right! The wrong password matched...";
} else {
    echo "The wrong password made crypt return false. This is good";
}
	<?php

	$Password = 'SuperSecurePassword123';

	// These only work for CRYPT_SHA512, but it should give you an idea of how crypt() works.
	$Salt = uniqid(); // Could use the second parameter to give it more entropy.
	$Algo = '6'; // This is CRYPT_SHA512 as shown on http://php.net/crypt
	$Rounds = '5000'; // The more, the more secure it is!

	// This is the "salt" string we give to crypt().
	$CryptSalt = '$' . $Algo . '$rounds=' . $Rounds . '$' . $Salt;

	$HashedPassword = crypt($Password, $CryptSalt);
	echo "Generated a hashed password: " . $HashedPassword . "\n";


	// Now, what about checking if a password is the right password?
	if (crypt($Password, $HashedPassword) == $HashedPassword) {
	echo "Hashed Password matched Password";
	}

	if (crypt('WrongPasssword123', $HashedPassword) == $HashedPassword) {
	echo "Something isn't right! The wrong password matched...";
	} else {
	echo "The wrong password made crypt return false. This is good";
	}