How do I store user password with Bcrypt

2019-09-16 07:14发布

I am designing a php website, and I used sha1 to store password for the users, but I later read that sha1 is unsafe, Its better i use Bcrypt, now I try to find about Bcrypt but these questions - How do you use bcrypt for hashing.. and Is Bcrypt used for Hashing is too complex, I dont understand what they explain.

<?php $pass = sha1($_POST["password"]); ?>

but could it be:

<?php $pass = bcrypt($_POST["password"]); ?>

or which is better than both. Thanks

标签： php hash passwords sha1 bcrypt

1条回答

来，给爷笑一个

2楼-- · 2019-09-16 07:33

If you are using PHP version 5.5+, you may use the method password_hash(), and password_verify();

EXAMPLE:

$hash = password_hash("mypassword", PASSWORD_BCRYPT);

and to verify:

if (password_verify('mypassword', $hash)) {
    echo 'Password is valid!';
} else {
    echo 'Invalid password.';
}

This is the best and most secured in PHP today since the salt is built-in inside the method.

0人赞添加讨论(0) 举报

How do I store user password with Bcrypt

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间