How should I hash passwords in CodeIgniter
31,949
private function hash_password($password){
return password_hash($password, PASSWORD_BCRYPT);
}
public function registerUser($username,$email,$password){
$data = array(
'username' => $username,
'email' => $email,
'password' => $this->hash_password($password)
);
return $this->db->insert('table_name', $data);
}
PASSWORD_BCRYPT
- Use theCRYPT_BLOWFISH
algorithm to create the hash. This will produce a standardcrypt()
compatible hash using the "$2y$" identifier. The result will always be a 60 character string, or FALSE on failure.
Source: http://php.net/manual/en/function.password-hash.php
Author by
AAron
Updated on November 05, 2020Comments
-
AAron over 3 years
I started to use Codeigniter framework and in their new release doc's they say
DO NOT use this or any other encryption library for user password storage! Passwords must be hashed instead, and you should do that via PHP’s own Password Hashing extension.
The problem is that I use PHP 5.3 and that extension requires 5.5
What should i use for hashing in PHP 5.3?
-
Laurel over 7 yearsBe sure to properly attribute things in the future.
-
kishor10d over 7 yearsI use this password-hash thing with codeigniter here blog.codeinsect.com/password-hashing-codeigniter