Download the PHP package coreymcmahon/phpass without Composer
On this page you can find all versions of the php package coreymcmahon/phpass. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download coreymcmahon/phpass
More information about coreymcmahon/phpass
Files in coreymcmahon/phpass
Package phpass
Short Description PHP Password Library: Easy, secure password management for PHP
License MIT
Homepage https://github.com/coreymcmahon/phpass
Informations about the package phpass
PHP Password Library
The PHP Password Library is designed to ease the tasks associated with working with passwords in PHP. It is capable of generating strong cryptographic password hashes, verifying supplied password strings against those hashes, and calculating the strength of a password string using various algorithms.
This project was inspired by Openwall's portable hashing library for PHP and PassLib for Python.
Features
- Create and verify secure password hashes with only a few lines of code.
- Supports bcrypt and PBKDF2 out of the box.
- Easily extend to support additional hashing methods.
- Additional password strength component based on well-known algorithms.
- Follows the PSR-0 standard for autoloader compatibility.
Installation via Composer
-
Install Composer to your project root:
-
Add a
composer.json
file to your project: - Run the Composer installer:
Usage
Hashing passwords
The library provides the ability to generate strong cryptographic hashes of user passwords using a variety of methods. Each method may be customized as needed, and may also be combined with HMAC hashing when using the base class.
Examples
Use the default bcrypt adapter:
Use the PBKDF2 adapter:
Create and verify a password hash:
Calculating password strength
There are many different ways to calculate the relative strength of a given password, and this library supports a few of the most common. Each method returns a number which represents the estimated entropy for the given password. It's up to the developer to determine the minimum calculated entropy to accept. Combined with a sensible password policy, this can be a valuable tool in selecting strong passwords.
Examples
Calculate a password's entropy using NIST recommendations:
Calculate a password's entropy using Wolfram Alpha's algorithm: