Are there any reasons not to use PHP's default password hashing library?

Question

I'm a fairly new developer and I want to ensure that I'm making the right decisions with regards to security. According to my research, it appears I should use a salted bcrypt hashing algorithm for my passwords. According to PHP 7's documentation, the password_hash functionality does exactly this. I don't even have to figure out a way to make my own salt as salting is included in password_hash. This seems like a simple correct answer to password hashing for PHP 7. However, simple correct answers are often wrong. What are the pitfalls of PHP's default password hashing library?

Most answers about PHP password hashing conclude that I should use password_hash/password_verify. However, my question is closer to 'how should I use them?' or 'what should I be aware of when using them?'

Answer 1

Seems you are looking for confirmation, so yes the password_hash() function is definitely the way to go, you can't do any better with a normal PHP installation. This function is future proof and can change the algorithm should this become necessary, while keeping backwards compatibility with existing hashes.

What you should do is:

1. Use the function with the parameter PASSWORD_DEFAULT, this allows to switch the algorithm in future. Have a look at the example below.
2. Store the hash in a database field of type varchar(255), so future algorithms can store their hashes as well.
3. Make sure you are working with a PHP version 5.3.7 or higher, so the function produces hashes with the identifier $2y$ (and not $2a$).

Example:

// Hash a new password for storing in the database.
// The function automatically generates a cryptographically safe salt.
$hashToStoreInDb = password_hash($password, PASSWORD_DEFAULT);

// Check if the hash of the entered login password, matches the stored hash.
// The salt and the cost factor will be extracted from $existingHashFromDb.
$isPasswordCorrect = password_verify($password, $existingHashFromDb);