Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I'm using Lumen for the first time and am aware that it has a more limited feature set of encryption, out of the box at least.
Right now I'm just hashing a password and storing that hash in the users table using the default Hash::make($pw) / Hash::check($request->input('password') type functionality.
Without trying to open a can of works, is this really enough? Or do I need to use encryption of some kind ?
@arkid You don’t want encryption anywhere near passwords. Passwords should be hashed.
Hashing is a one-way process. Encryption is a two-way process and you want absolute no way of someone being able to regain the original plaintext value.
Please or to participate in this conversation.