Store Passwords Securely with PHP

The Secure Passwords app generate unique passwords for every using the most secure bCrypt algorithm. The open source PHPass library also uses the Blowfish-based bcrypt library to create password hashes that you can use to store passwords in the database.

When the user enter a password during login, you can compute the hash and compare it with the hash in your database. This is more secure than other algorithms like md5, sha1, sha512, etc since they can be reversed though brutal force.

HashPassword('correct password');
// Check if a user has provided the correct password by comparing what they typed with our hash
$hasher->CheckPassword('wrong password', $hashedPassword); // false 
$hasher->CheckPassword('correct password', $hashedPassword); // true