Bcrypt algorithm using crypt() function of PHP.
More...
|
|
| | __construct ($options=[]) |
| | Constructor.
|
| |
| | create ($password) |
| | Bcrypt.
|
| |
| | verify ($password, $hash) |
| | Verify if a password is correct against a hash value.
|
| |
| | setCost ($cost) |
| | Set the cost parameter.
|
| |
| | getCost () |
| | Get the cost parameter.
|
| |
| | setSalt ($salt) |
| | Set the salt value.
|
| |
| | getSalt () |
| | Get the salt value.
|
| |
| | benchmarkCost ($timeTarget=0.05) |
| | Benchmark the bcrypt hash generation to determine the cost parameter based on time to target.
|
| |
Bcrypt algorithm using crypt() function of PHP.
| __construct |
( |
|
$options = [] | ) |
|
Constructor.
- Parameters
-
| array | Traversable | $options | |
- Exceptions
-
| Exception\InvalidArgumentException | |
| benchmarkCost |
( |
|
$timeTarget = 0.05 | ) |
|
Benchmark the bcrypt hash generation to determine the cost parameter based on time to target.
The default time to test is 50 milliseconds which is a good baseline for systems handling interactive logins. If you increase the time, you will get high cost with better security, but potentially expose your system to DoS attacks.
- See Also
- php.net/manual/en/function.password-hash.php#refsect1-function.password-hash-examples
- Parameters
-
| float | $timeTarget | Defaults to 50ms (0.05) |
- Returns
- int Maximum cost value that falls within the time to target.
Get the cost parameter.
- Returns
- string
Get the salt value.
- Returns
- string
Set the cost parameter.
- Parameters
-
- Exceptions
-
| Exception\InvalidArgumentException | |
- Returns
- Bcrypt
Set the salt value.
- Parameters
-
- Exceptions
-
| Exception\InvalidArgumentException | |
- Returns
- Bcrypt
| verify |
( |
|
$password, |
|
|
|
$hash |
|
) |
| |
Verify if a password is correct against a hash value.
- Parameters
-
| string | $password | |
| string | $hash | |
- Returns
- bool
Implements PasswordInterface.
