How to create Laravel like password in php?

Hi,

How can we create a Like password in pure PHP without Laravel?

I dont know what is the algo in bcrypt() or password_hash()

RamjithAp

8 years ago

Level 10

Laravel uses bcrypt to hash the password. Try this

<?php
// secure hashing of passwords using bcrypt, needs PHP 5.3+
// see http://codahale.com/how-to-safely-store-a-password/
// salt for bcrypt needs to be 22 base64 characters (but just [./0-9A-Za-z]), see http://php.net/crypt
$salt = substr(strtr(base64_encode(openssl_random_pseudo_bytes(22)), '+', '.'), 0, 22);
// 2y is the bcrypt algorithm selector, see http://php.net/crypt
// 12 is the workload factor (around 300ms on my Core i7 machine), see http://php.net/crypt
$hash = crypt('foo', 'y$' . $salt);
// we can now use the generated hash as the argument to crypt(), since it too will contain y$... with a variation of the hash. No need to store the salt anymore, just the hash is enough!
var_dump($hash == crypt('foo', $hash)); // true
var_dump($hash == crypt('bar', $hash)); // false
?>

burlresearch

8 years ago

Level 40

If you really want the definitive approach, then the best thing to do is read the Laravel source code, this should show you exactly how the hashing is done:

https://github.com/laravel/framework/blob/5.5/src/Illuminate/Hashing/BcryptHasher.php#L26-L37

MoHoKh67

8 years ago

Level 5

@RamjithAp thank you but php send a warning about : Deprecated: crypt(): Supplied salt is not valid for DES. Possible bug in provided salt format.

MoHoKh67

8 years ago

Best Answer

Level 5

I found it.


$value ='Secret';


$password = password_hash($value, PASSWORD_BCRYPT, [10]);

$result = password_verify($value, $password);
var_dump($result );

All I needed to do is to verify the password.

Please or to participate in this conversation.