burnedfaceless
asked on
Does password_verify automatically detect the salt?
As I understand password verify a salt is encrypted and added to the database, then it is added to the password so that a different hash is generated.
Does password_verify automatically generate a salt in conjunction with password_hash?
How is the salt consistent (so that the correct salt is used when the password is verified) but different (so that it doesn't defeat the purpose of a salt)?
Does password_verify automatically generate a salt in conjunction with password_hash?
How is the salt consistent (so that the correct salt is used when the password is verified) but different (so that it doesn't defeat the purpose of a salt)?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I wrote an article about this:
https://www.experts-exchange.com/articles/28768/Password-Hashing-in-PHP.html
https://www.experts-exchange.com/articles/28768/Password-Hashing-in-PHP.html
ASKER