password_hash

(PHP 5 >= 5.5.0, PHP 7)

password_hash锟斤拷锟斤拷锟斤拷锟斤拷锟缴拷校锟絟ash锟斤拷

说锟斤拷

password_hash ( string $password , int $algo [, array $options ] ) : string

password_hash() 使锟斤拷锟姐够强锟饺的碉拷锟斤拷散锟斤拷锟姐法锟斤拷锟斤拷锟斤拷锟斤拷锟缴拷校锟絟ash锟斤拷锟斤拷 password_hash() 锟斤拷锟斤拷 crypt()锟斤拷 锟斤拷锟皆o拷 crypt() 锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷散锟斤拷也锟斤拷锟斤拷锟斤拷 password_hash()锟斤拷

锟斤拷前支锟街碉拷锟姐法锟斤拷

  • PASSWORD_DEFAULT - 使锟斤拷 bcrypt 锟姐法 (PHP 5.5.0 默锟斤拷)锟斤拷 注锟解,锟矫筹拷锟斤拷锟斤拷锟斤拷锟斤拷 PHP 锟斤拷锟斤拷锟斤拷赂锟斤拷锟角匡拷鹊锟斤拷惴拷锟斤拷谋洹� 锟斤拷锟皆o拷使锟矫此筹拷锟斤拷锟斤拷锟缴斤拷锟斤拷某锟斤拷冉锟斤拷锟轿达拷锟斤拷斜浠拷锟� 锟斤拷耍锟斤拷锟斤拷菘锟斤拷锎拷锟斤拷锟斤拷锟斤拷锌沙锟斤拷锟�60锟斤拷锟街凤拷锟斤拷锟斤拷锟斤拷锟�255锟斤拷锟街凤拷锟斤拷锟斤拷
  • PASSWORD_BCRYPT - 使锟斤拷 CRYPT_BLOWFISH 锟姐法锟斤拷锟斤拷散锟叫★拷 锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷使锟斤拷 "$2y$" 锟斤拷 crypt()锟斤拷 锟斤拷锟斤拷锟斤拷锟斤拷锟� 60 锟斤拷锟街凤拷锟斤拷锟街凤拷锟斤拷锟斤拷 锟斤拷锟斤拷锟斤拷失锟斤拷时锟斤拷锟斤拷 FALSE锟斤拷
  • PASSWORD_ARGON2I - 使锟斤拷 Argon2 散锟斤拷锟姐法锟斤拷锟斤拷散锟叫★拷

PASSWORD_BCRYPT 支锟街碉拷选锟筋:

  • salt(string) - 锟街讹拷锟结供散锟斤拷锟斤拷锟斤拷锟斤拷锟街碉拷锟絪alt锟斤拷锟斤拷锟解将锟斤拷锟斤拷锟皆讹拷锟斤拷锟斤拷锟斤拷值锟斤拷salt锟斤拷锟斤拷

    省锟皆达拷值锟斤拷password_hash() 锟斤拷为每锟斤拷锟斤拷锟斤拷散锟斤拷锟皆讹拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟街碉拷锟斤拷锟斤拷植锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷模式锟斤拷

    Warning

    锟斤拷值锟斤拷salt锟斤拷选锟斤拷锟� PHP 7.0.0 锟斤拷始锟斤拷锟斤拷锟斤拷锟斤拷deprecated锟斤拷锟剿★拷 锟斤拷锟斤拷锟斤拷锟窖★拷锟津单碉拷使锟斤拷默锟较诧拷锟斤拷锟斤拷锟斤拷值锟斤拷

  • cost (integer) - 锟斤拷锟斤拷锟姐法使锟矫碉拷 cost锟斤拷crypt() 页锟斤拷锟斤拷锟斤拷 cost 值锟斤拷锟斤拷锟接★拷

    省锟斤拷时锟斤拷默锟斤拷值锟斤拷 10锟斤拷 锟斤拷锟� cost 锟角革拷锟斤拷锟斤拷牡锟斤拷撸锟斤拷锟揭诧拷锟斤拷锟皆革拷锟斤拷锟皆硷拷硬锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷哟锟斤拷锟斤拷值锟斤拷

PASSWORD_ARGON2I 支锟街碉拷选锟筋:

  • memory_cost (integer) - 锟斤拷锟斤拷 Argon2 散锟斤拷时锟斤拷锟斤拷锟斤拷诖妫拷锟轿伙拷锟斤拷纸锟� byte锟斤拷锟斤拷默锟斤拷值锟斤拷 PASSWORD_ARGON2_DEFAULT_MEMORY_COST锟斤拷

  • time_cost (integer) - 锟斤拷锟斤拷 Argon2 散锟斤拷时锟斤拷锟斤拷时锟戒。默锟斤拷值锟斤拷 PASSWORD_ARGON2_DEFAULT_TIME_COST锟斤拷

  • threads (integer) - 锟斤拷锟斤拷 Argon2 散锟斤拷时锟斤拷锟斤拷锟竭筹拷锟斤拷锟斤拷默锟斤拷值锟斤拷 PASSWORD_ARGON2_DEFAULT_THREADS锟斤拷

锟斤拷锟斤拷

password

锟矫伙拷锟斤拷锟斤拷锟诫。

Caution

使锟斤拷PASSWORD_BCRYPT 锟斤拷锟姐法锟斤拷锟斤拷使 password 锟斤拷锟斤拷锟筋长为72锟斤拷锟街凤拷锟斤拷锟斤拷锟斤拷锟结被锟截断★拷

algo

一锟斤拷锟斤拷锟斤拷锟斤拷散锟斤拷锟斤拷锟斤拷时指示锟姐法锟斤拷锟斤拷锟斤拷锟姐法锟斤拷锟斤拷锟斤拷

options

一锟斤拷锟斤拷锟斤拷锟斤拷选锟斤拷墓锟斤拷锟斤拷锟斤拷椤D壳爸э拷锟斤拷锟斤拷锟窖★拷睿�salt锟斤拷锟斤拷散锟斤拷锟斤拷锟斤拷时锟接碉拷锟轿o拷锟斤拷锟斤拷锟街凤拷锟斤拷锟斤拷锟斤拷锟皆硷拷cost锟斤拷锟斤拷锟斤拷指锟斤拷锟姐法锟捷癸拷牟锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟街碉拷锟斤拷锟斤拷涌锟斤拷锟� crypt() 页锟斤拷锟揭碉拷锟斤拷

省锟皆后,斤拷使锟斤拷锟斤拷锟斤拷锟街碉拷锟侥拷锟� cost锟斤拷

锟斤拷锟斤拷值

锟斤拷锟斤拷散锟叫猴拷锟斤拷锟斤拷耄� 锟斤拷锟斤拷锟斤拷失锟斤拷时锟斤拷锟斤拷 FALSE锟斤拷

使锟矫碉拷锟姐法锟斤拷cost 锟斤拷锟斤拷值锟斤拷为散锟叫碉拷一锟斤拷锟街凤拷锟截★拷锟斤拷锟斤拷锟斤拷证散锟斤拷值锟斤拷锟斤拷锟斤拷锟斤拷息锟斤拷锟窖撅拷锟斤拷锟斤拷锟斤拷锟节★拷 锟斤拷使 password_verify() 锟斤拷锟斤拷锟斤拷证锟斤拷时锟津,诧拷锟斤拷要锟斤拷锟解储锟斤拷锟斤拷值锟斤拷锟斤拷锟姐法锟斤拷锟斤拷息锟斤拷

锟斤拷锟斤拷

Example #1 password_hash() 锟斤拷锟斤拷

<?php
/**
 * 锟斤拷锟斤拷锟斤拷要使锟斤拷默锟斤拷锟姐法散锟斤拷锟斤拷锟斤拷
 * 锟斤拷前锟斤拷 BCRYPT锟斤拷锟斤拷锟斤拷锟斤拷锟� 60 锟斤拷锟街凤拷锟侥斤拷锟斤拷锟�
 *
 * 锟斤拷注锟解,锟斤拷时锟斤拷锟斤拷锟狡o拷默锟斤拷锟姐法锟斤拷锟杰伙拷锟叫变化锟斤拷
 * 锟斤拷锟斤拷锟斤拷要锟斤拷锟斤拷目占锟斤拷芄锟斤拷锟斤拷锟� 60 锟街o拷255锟街诧拷锟斤拷
 */
echo password_hash("rasmuslerdorf"PASSWORD_DEFAULT);
?>

锟斤拷锟斤拷锟斤拷锟教碉拷锟斤拷锟斤拷锟斤拷锟斤拷冢锟�

$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a

Example #2 password_hash() 锟街讹拷锟斤拷锟斤拷 cost 锟斤拷锟斤拷锟斤拷

<?php
/**
 * 锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷铮拷锟斤拷锟轿� BCRYPT 锟斤拷锟斤拷 cost 锟斤拷 12锟斤拷
 * 注锟解,锟斤拷锟斤拷锟窖撅拷锟叫伙拷锟斤拷锟剿o拷锟斤拷始锟秸诧拷锟斤拷 60 锟斤拷锟街凤拷锟斤拷
 */
$options = [
    'cost' => 12,
];
echo password_hash("rasmuslerdorf"PASSWORD_BCRYPT$options);
?>

锟斤拷锟斤拷锟斤拷锟教碉拷锟斤拷锟斤拷锟斤拷锟斤拷冢锟�

$2y$12$QjSH496pcT5CEbzjD/vtVeH03tfHKFy36d4J0Ltp3lRtee9HDxY3K

Example #3 password_hash() 锟街讹拷锟斤拷锟斤拷锟斤拷值锟斤拷锟斤拷锟斤拷

<?php
/**
 * 注锟解,锟斤拷锟斤拷锟斤拷锟街碉拷锟斤拷锟斤拷锟斤拷锟斤拷锟侥★拷
 * 锟斤拷远锟斤拷锟斤拷要使锟矫固讹拷锟斤拷值锟斤拷锟斤拷锟竭诧拷锟斤拷锟斤拷锟斤拷锟斤拷傻锟斤拷锟街碉拷锟�
 *
 * 锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟铰o拷锟斤拷锟斤拷锟斤拷 password_hash generate 为锟斤拷锟皆讹拷锟斤拷锟斤拷锟斤拷锟斤拷锟街�
 */
$options = [
    'cost' => 11,
    'salt' => mcrypt_create_iv(22MCRYPT_DEV_URANDOM),
];
echo password_hash("rasmuslerdorf"PASSWORD_BCRYPT$options);
?>

锟斤拷锟斤拷锟斤拷锟教碉拷锟斤拷锟斤拷锟斤拷锟斤拷冢锟�

$2y$11$q5MkhSBtlsJcNEVsYh64a.aCluzHnGog7TQAKVmQwO9C8xb.t89F.

Example #4 寻锟斤拷锟斤拷锟� cost 锟斤拷 password_hash() 锟斤拷锟斤拷

<?php
/**
 * 锟斤拷锟斤拷锟斤拷佣苑锟斤拷锟斤拷锟斤拷锟斤拷嘶锟阶硷拷锟斤拷裕锟絙enchmark锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟杰筹拷锟杰讹拷叩锟� cost
 * 锟节诧拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷驴锟斤拷锟斤拷锟斤拷锟斤拷锟竭碉拷值
 * 8-10 锟角革拷锟斤拷锟斤拷牡锟斤拷撸锟斤拷诜锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷拢锟皆斤拷锟皆斤拷谩锟�
 * 锟斤拷锟铰达拷锟斤拷目锟斤拷为  锟斤拷 50 锟斤拷锟诫(milliseconds锟斤拷锟斤拷
 * 锟绞猴拷系统锟斤拷锟斤拷锟斤拷锟斤拷录锟斤拷
 */
$timeTarget 0.05// 50 锟斤拷锟诫(milliseconds锟斤拷 

$cost 8;
do {
    $cost++;
    $start microtime(true);
    password_hash("test"PASSWORD_BCRYPT, ["cost" => $cost]);
    $end microtime(true);
} while (($end $start) < $timeTarget);

echo "Appropriate Cost Found: " $cost;
?>

锟斤拷锟斤拷锟斤拷锟教碉拷锟斤拷锟斤拷锟斤拷锟斤拷冢锟�

Appropriate Cost Found: 10

Example #5 使锟斤拷 Argon2 锟斤拷password_hash()锟斤拷锟斤拷

<?php
echo 'Argon2 hash: ' password_hash('rasmuslerdorf'PASSWORD_ARGON2I);
?>

锟斤拷锟斤拷锟斤拷锟教碉拷锟斤拷锟斤拷锟斤拷锟斤拷冢锟�

Argon2 hash: $argon2i$v=19$m=1024,t=2,p=2$YzJBSzV4TUhkMzc3d3laeg$zqU/1IN0/AogfP4cmSJI1vc8lpXRW9/S0sYY2i2jHT0

注锟斤拷

Caution

强锟揭斤拷锟介不要锟皆硷拷为锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟街碉拷锟絪alt锟斤拷锟斤拷只要锟斤拷锟斤拷锟矫o拷锟斤拷锟斤拷锟皆讹拷锟斤拷锟斤拷锟斤拷全锟斤拷锟斤拷值锟斤拷

锟斤拷锟斤拷锟斤拷锟斤拷锟结及锟侥o拷锟斤拷 PHP 7.0 锟结供 salt选锟斤拷岬硷拷路锟斤拷锟斤拷锟絛eprecation锟斤拷锟斤拷锟芥。 未锟斤拷锟斤拷 PHP 锟斤拷锟叫帮拷锟斤,锟街讹拷锟结供锟斤拷值锟侥癸拷锟杰匡拷锟杰会被删锟斤拷锟斤拷

Note:

锟节斤拷锟斤拷锟斤拷系统锟较o拷锟狡硷拷锟斤拷锟皆硷拷锟侥凤拷锟斤拷锟斤拷锟较诧拷锟皆此猴拷锟斤拷锟斤拷锟斤拷锟斤拷 cost 锟斤拷锟斤拷直锟斤拷锟斤拷锟斤拷时锟戒开锟斤拷小锟斤拷 100 锟斤拷锟诫(milliseconds锟斤拷锟斤拷 锟斤拷锟斤拷疟锟斤拷锟斤拷锟斤拷踊锟斤拷锟斤拷选锟斤拷锟斤拷锟接诧拷锟斤拷锟斤拷锟斤拷 cost锟斤拷

Note: 锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟街э拷值锟斤拷惴ㄊ憋拷锟斤拷锟斤拷薷锟侥拷锟斤拷惴拷锟斤拷锟斤拷囟锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷鹿锟斤拷锟�

  • 锟轿猴拷锟节猴拷锟叫碉拷锟斤拷锟姐法锟斤拷锟斤拷锟节撅拷锟斤拷一锟斤拷 PHP 锟斤拷锟斤拷锟斤拷锟叫诧拷锟杰筹拷为默锟斤拷锟姐法锟斤拷 锟斤拷锟界,锟斤拷 PHP 7.5.5 锟斤拷锟斤拷拥锟斤拷锟斤拷惴拷锟斤拷锟� PHP 7.7 之前锟斤拷锟杰筹拷为默锟斤拷锟姐法 锟斤拷锟斤拷锟斤拷 7.6 锟角碉拷一锟斤拷锟斤拷锟斤拷锟斤拷锟叫版)锟斤拷 锟斤拷锟斤拷锟斤拷锟斤拷锟� 7.6.0 锟斤拷锟斤拷拥牟锟酵拷惴拷锟斤拷锟� 7.7.0 锟斤拷也锟斤拷锟皆筹拷为默锟斤拷锟姐法锟斤拷
  • 锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟叫帮拷锟斤拷锟睫革拷默锟斤拷锟姐法锟斤拷锟斤拷锟斤拷 7.3.0, 8.0.0锟斤拷锟饺等o拷锟斤拷锟斤拷锟斤拷锟斤拷锟斤拷锟睫讹拷锟芥。 唯一锟斤拷锟斤拷锟斤拷锟角o拷锟节碉拷前默锟斤拷锟姐法锟斤发锟斤拷锟剿斤拷锟斤拷锟侥帮拷全锟斤拷胁锟斤拷

锟斤拷锟斤拷锟斤拷志

锟芥本 说锟斤拷
7.2.0 锟斤拷锟� PASSWORD_ARGON2I锟斤拷支锟斤拷 Argon2 锟斤拷锟斤拷散锟斤拷锟姐法锟斤拷

锟轿硷拷