Celeritas

Reputation: 15091

Hash value always different on same input

I'm trying to use this hashing function but each time I reload the page it gives me a different string, except for the first 7 characters.

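<?php
// Load the library that provides password_hash() and password_verify()
require("lib/password.php");
$pass = $_POST['input_password'];
echo 'Received: '.$pass.'<br />';
$passwordHash = 'default';
// Hash the trimmed input with the default algorithm at cost 11
$passwordHash = password_hash(trim($pass), PASSWORD_DEFAULT, ["cost" => 11]);
echo 'Password hash is '.$passwordHash;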

For example I pass over aaa and get the hashes

$2y$11$1Ll4twbmFNWhVxBOCeDWhOtZ4WchW.GYXK3LSH9BnW6AhXf45soWq
$2y$11$H0dmOkkq3rSgggDbGueRPusODmkZrrFqG7I/R1B0tFTQEYGHB0iZi
$2y$11$z0pFOoFsD5Bk0sx2TiT3kOd2awAwDBQAsQaxlDq11kNH.ldaS1qw2

I'm using WAMP Server 2.2 on Windows 7 64 bit and Firefox 17.

Upvotes: 5

Views: 4032

Answers (2)

phihag

Reputation: 288230

This is correct. The value includes a random salt in order to thwart rainbow table attacks.

Upvotes: 0

gen_Eric

Reputation: 227310

That hash algorithm uses a random salt each time. It's designed to be different each time, even with the same input.

To check passwords, use the password_verify function included in that library.

Note: The $2y$11$ at the beginning specifies the algorithm and cost used to generate the hash.

Upvotes: 8
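
The behaviour both answers describe, as an added example that is not part of the original thread: it hashes the question's input twice, splits each hash into prefix, salt and digest, and checks logins with password_verify instead of string comparison. The helper names describe_bcrypt and check_login are hypothetical, and it assumes PHP 5.5+ or the question's lib/password.php already loaded.

```php
<?php
// Added example, not code from the thread. Assumes PHP 5.5+ (built-in password_*
// functions) or the lib/password.php library from the question already loaded.

$options  = ['cost' => 11];   // same cost as in the question
$password = 'aaa';            // sample input taken from the question

// Each call draws a fresh random salt, so two hashes of one password differ.
$first  = password_hash($password, PASSWORD_DEFAULT, $options);
$second = password_hash($password, PASSWORD_DEFAULT, $options);

// Hypothetical helper: split a bcrypt string into its documented fields,
// $<variant>$<cost>$ followed by a 22-character salt and a 31-character digest.
function describe_bcrypt($hash)
{
    $pattern = '#^\$(2[abxy])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$#';
    if (!preg_match($pattern, $hash, $m)) {
        return null;          // not a bcrypt hash
    }
    return ['prefix' => '$' . $m[1] . '$' . $m[2] . '$', 'salt' => $m[3], 'digest' => $m[4]];
}

// Hypothetical login check: verify against the stored hash, then upgrade the
// stored hash if it was created with an older algorithm or a lower cost.
function check_login($submitted, $storedHash, array $options)
{
    if (!password_verify($submitted, $storedHash)) {
        return [false, $storedHash];
    }
    if (password_needs_rehash($storedHash, PASSWORD_DEFAULT, $options)) {
        $storedHash = password_hash($submitted, PASSWORD_DEFAULT, $options);
    }
    return [true, $storedHash];
}

// The 7-character prefix matches; the salt and digest do not.
print_r(describe_bcrypt($first));
print_r(describe_bcrypt($second));

// Comparing hash strings fails for a correct password; password_verify()
// re-derives the digest using the salt stored inside the hash.
var_dump($first === $second);
var_dump(check_login('aaa', $first, $options)[0]);
var_dump(check_login('aaa', $second, $options)[0]);
var_dump(check_login('aab', $first, $options)[0]);
```

Store only the returned hash string: the algorithm, cost and salt travel inside it, so no separate salt column is needed.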
