Level 60
http://php.net/manual/en/function.password-needs-rehash.php
This may help you and take a look at api
https://github.com/laravel/framework/blob/5.7/src/Illuminate/Hashing/BcryptHasher.php#L82
Sep 27, 2018
3
Level 7
Checking If A Password Needs To Be Rehashed
I dont understand when I need to Checking If A Password Needs To Be Rehashed?
Level 7
My question was under what scenario I should check if a password needs to be rehashed
Level 60
https://stackoverflow.com/questions/41969122/when-do-i-need-to-use-password-needs-rehash
Here's a good answer from stack overflow.
The function password_needs_rehash() only needs to be used if you change the $options which usually refers to the cost.
Returns TRUE if the hash should be rehashed to match the given algo and options, or FALSE otherwise.
But this is from documentation: algo and options, I think that in following case should work too..
password_hash("password", PASSWORD_DEFAULT);
password_hash("password", PASSWORD_BCRYPT);
password_hash("password", PASSWORD_ARGON2I);
When should you check ?! After you increase the cost ( and maybe the algorithm )
$options = [
'cost' => 10, // 10 - is default value
];
password_hash("password", PASSWORD_BCRYPT);
after increasing cost
$options = [
'cost' => 11,
];
password_hash("password", PASSWORD_BCRYPT, $options); // now password is hashed with cost of 11, and you should check
Please or to participate in this conversation.