How should I hash passwords in CodeIgniter

php codeigniter hash php-5.3

31,949

private function hash_password($password){
   return password_hash($password, PASSWORD_BCRYPT);
}
public function registerUser($username,$email,$password){
   $data = array(
     'username' => $username,
      'email' => $email,
     'password' => $this->hash_password($password)
);
return $this->db->insert('table_name', $data);
}

PASSWORD_BCRYPT - Use the CRYPT_BLOWFISH algorithm to create the hash. This will produce a standard crypt() compatible hash using the "$2y$" identifier. The result will always be a 60 character string, or FALSE on failure.
_{Source: http://php.net/manual/en/function.password-hash.php}

31,949

Author by

AAron

Updated on November 05, 2020

Comments

AAron over 3 years

I started to use Codeigniter framework and in their new release doc's they say

DO NOT use this or any other encryption library for user password storage! Passwords must be hashed instead, and you should do that via PHP’s own Password Hashing extension.

The problem is that I use PHP 5.3 and that extension requires 5.5

What should i use for hashing in PHP 5.3?
Laurel over 7 years

Be sure to properly attribute things in the future.
kishor10d over 7 years

I use this password-hash thing with codeigniter here blog.codeinsect.com/password-hashing-codeigniter