Password hashing produces different results every time in Laravel 4.2

Question

I have problem with password hashing. This is my controller

 public function registerUser() {
    $valid = Validator::make(Input::all(), array(
        'pass' => 'required|min:5',
        'pass2' => 'required|same:pass'
    ));

    if($valid->fails()) {
        return Redirect::route('register')->withErrors($valid)->withInput();
    }
    // $password = Input::get('pass');
    if(Input::hasFile('photo')) {
        $img = Input::file('photo');
        if($img->isValid()) {
            echo Hash::make(Input::get('pass'));
        }else{
            return Redirect::route('register')->withInput()->with('errorimg','image-error');
        }
    }else{
        echo Hash::make(Input::get('pass'));
    }

    //return Redirect::route('register')->with('success','register-success');
}

Everytime I refresh my browser, the hashed pass is always change.

ex : if I put "qwerty" as pass, it should show

$2y$10$PPgHGUmdHFl.fgF39.thDe7qbLxct5sZkJCH9mHNx1yivMTq8P/zi

Answer 1

Generating a different hash every time is on purpose, because the Hash::make() method will generate a random salt. A random salt is necessary to securely protect the user's passwords.

To check an entered password against the stored hash, you can use the method Hash::check(), it will extract the used salt from the hash-value and uses it to generate comparable hashes.

// Hash a new password for storing in the database.
// The function automatically generates a cryptographically safe salt.
$hashToStoreInDb = Hash::make($password);

// Check if the hash of the entered login password, matches the stored hash.
// The salt and the cost factor will be extracted from $existingHashFromDb.
$isPasswordCorrect = Hash::check($password, $existingHashFromDb);

Answer 2

That's because if you don't give a salt bcrypt creates one every time it hashes something.

Source