PHP 8.5.0 Alpha 1 available for testing

password_get_info

(PHP 5 >= 5.5.0, PHP 7, PHP 8)

password_get_infoReturns information about the given hash

Description

password_get_info(string $hash): array

When passed in a valid hash created by an algorithm supported by password_hash(), this function will return an array of information about that hash.

Parameters

hash

A hash created by password_hash().

Return Values

Returns an associative array with three elements:

add a note

User Contributed Notes 1 note

up
5
cbungholio at gmail dot com
7 years ago
If you're curious to use this method to determine if there is someway to evaluate if a given string is NOT a password_hash() value...

<?php

/ Our password.. the kind of thing and idiot would have on his luggage:
$password_plaintext = "12345";

/ Hash it up, fuzzball!
$password_hash = password_hash( $password_plaintext, PASSWORD_DEFAULT, [ 'cost' => 11 ] );

/ What do we get?
print_r( password_get_info( $password_hash ) );

/* returns:
Array (
[algo] => 1
[algoName] => bcrypt / Your server's default.
[options] => Array ( [cost] => 11 )
)
*/

/ What about if it's un-hashed?...
print_r( password_get_info( $password_plaintext ) );

/* returns:
Array (
[algo] => 0
[algoName] => unknown
[options] => Array ( )
)
*/
?>

... Looks like it's up to each of us to personally decide if it's safe to compare against the final returned array.
To Top

Follow Lee on X/Twitter - Father, Husband, Serial builder creating AI, crypto, games & web tools. We are friends :) AI Will Come To Life!

Check out: eBank.nz (Art Generator) | Netwrck.com (AI Tools) | Text-Generator.io (AI API) | BitBank.nz (Crypto AI) | ReadingTime (Kids Reading) | RewordGame | BigMultiplayerChess | WebFiddle | How.nz | Helix AI Assistant