How can password_hash() and password_verify() be used to store and verify passwords securely in PHP?
Storing passwords securely is crucial to protect user data. PHP provides the password_hash() function to securely hash passwords and the password_verify() function to verify hashed passwords. By using these functions, passwords are stored in a hashed format, making it difficult for attackers to reverse engineer the original password.
// Storing password securely using password_hash()
$password = "secretPassword";
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
// Verifying password using password_verify()
$userInput = "secretPassword";
if (password_verify($userInput, $hashedPassword)) {
echo "Password is correct!";
} else {
echo "Password is incorrect!";
}
Keywords
Related Questions
- What are some common methods for checking if data from CSV files already exists in a database using PHP?
- What are the potential pitfalls of using the floor function in PHP for time calculations?
- How can foreach() be effectively utilized to iterate through and count elements in multidimensional arrays in PHP?