Where is the salt stored for password_hash?

Question

According to (relatively) new PHP documentation:

The password_hash function uses a random salt (which we should not worry about.. O_O), so if I understand correctly the salt has to be stored somewhere, else the user won't be able to login after registering to a website (different salt => different hash.)

The function documentation doesn't tell anything about interaction with a DB, and since I think storing per-user data is scalable only with a DB, where the heck does that function store the random salt? A txt file like session data?

Answer 1

Let's learn by example from what everyone else is telling you:

$options = [
    'cost' => 11,
    'salt' => 'abcdefghijklmnopqrstuv',
];
echo password_hash("rasmuslerdorf", PASSWORD_DEFAULT, $options)."\n";

Output:

$2y$11$abcdefghijklmnopqrstuu7aZVUzfW85EB4mHER81Oudv/rT.rmWm

The bolded parts are your cost and salt, respectively embedded in the resulting hash.

You can spit this back into password_verify and it will handle it accordingly:

print_r(password_verify('rasmuslerdorf', '$2y$11$abcdefghijklmnopqrstuu7aZVUzfW85EB4mHER81Oudv/rT.rmWm')); // true

Answer 2

The password_hash manual states

The used algorithm, cost and salt are returned as part of the hash. Therefore, all information that's needed to verify the hash is included in it. This allows the password_verify() function to verify the hash without needing separate storage for the salt or algorithm information.

Therefore the salt is already included in the hash you are saving in the db.