PHP download

Download the PHP package daggerx/password-hasher without Composer

On this page you can find all versions of the php package daggerx/password-hasher. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download daggerx/password-hasher
More information about daggerx/password-hasher
Files in daggerx/password-hasher

Vendor daggerx
Package password-hasher
Short Description Ultra-secure password hashing and encryption library.
License MIT

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of daggerx/password-hasher

Informations about the package password-hasher

🔥 DaggerX V3 — The Fastest, Strongest, PHP Security Library 🔥

DaggerX is an open-source password hashing and encryption library designed for unbreakable security. It ensures that even the platform owner cannot decrypt data without the correct secret key. With V3, DaggerX is now the fastest, strongest security library for PHP developers, offering key rotation, dual encryption modes, and optimized performance without compromising security.

🚀 What's New and Added in V3

✅ Key Rotation Support —

Seamlessly rotate your developer key ($devKey) for both password hashes and encrypted messages.
Protect against long-term key compromise with rotateHashKey() and rotateEncryptionKey().

✅ Dual Encryption Modes —

AES-256-GCM: Authenticated encryption with Additional Authenticated Data (AAD) support.
AES-256-CBC: Confidentiality with HMAC (SHA3-512) for integrity, for compatibility with legacy systems.

✅ Optimized for Speed —

Reduced Argon2id defaults: Memory Cost to 64 MB (from 128 MB), Time Cost to 3 iterations (from 5).
Still exceeds OWASP security recommendations while being faster for real-world use.

✅ Enhanced Security —

Deterministic key derivation with SHA3-512 for both hashing and encryption.
HMAC (SHA3-512) for AES-256-CBC ensures integrity.

✅ Session-Based Entropy (New) —

New function setSessionUsage() for incorporating session IDs or random bytes for better entropy.
Toggle session usage based on environment (CLI or Web).

✅ Argon2id Customization (New) —

Added support for customizing Argon2id parameters such as memory_cost, time_cost, and threads.
Optimize for your hardware and security needs.

✅ Key Derivation Separation (New) —

Separate key derivation logic for hashing and encryption.
Improves maintainability and modularity.

✅ Feared by Attackers —

Combines Argon2id, AES-256, and SHA3-512 with key rotation to create an impenetrable security layer.
A library that attackers will dread facing.

Installation (For PHP Developers)

Install via Composer:

Include in your project:

Hashing a Password

Verifying a Password

Encrypting a Message (AES-256-GCM with AAD)

Encrypting a Message (AES-256-CBC)

Decrypting a Message

Rotating a Hash Key

Rotating an Encryption Key

Customizing Argon2id Parameters for Performance

Example: Login and Registration System

DaggerX v3.0.0 can be used to create a secure login and registration system where: Passwords are hashed using hashPassword and verified with verifyPassword.

Sensitive data (e.g., the user's name) is encrypted with encryptMessage during registration and decrypted with decryptMessage during login.

Database Schema

Create a users table to store user data: sql

Important Notes on Column Lengths:

The password column should be atleast VARCHAR(1024) to accommodate the full base64-encoded hash (typically ~350-400 characters). A shorter length (e.g., VARCHAR(255)) will truncate the hash, causing verifyPassword to fail.

The name column should be atleast VARCHAR(512) to store the base64-encoded encrypted name, which can be longer than the plaintext name (e.g., ~160 characters for a short name like "John Doe").

Registration Example (register.php)

Logout Example (logout.php)

Key Considerations Session Usage: DaggerX v3.0.0 uses session IDs for entropy in password hashing by default. If the session ID changes between registration and login, verification will fail. Disable session usage with DaggerX::setSessionUsage(false) unless you can ensure session consistency (e.g., by persisting the session cookie across requests).

Developer Key: The $devKey must be the same for both hashing/verification and encryption/decryption. Store it securely (e.g., in an environment variable) and ensure it's consistent across your application.

Database Column Lengths: Ensure the password column is atleast (1024) and the name column (if encrypted) should be atleast (512) to avoid truncation issues, which can cause login failures.

Why Choose DaggerX?

Unbreakable Security:

Argon2id for memory-hard password hashing.
AES-256-GCM and AES-256-CBC for encryption, with SHA3-512 key derivation.
HMAC (SHA3-512) for CBC mode integrity.

Key Rotation:

Rotate keys without data loss to mitigate key compromise risks.

Dual Encryption Modes:

AES-256-GCM for authenticated encryption with AAD support.
AES-256-CBC with HMAC for compatibility and integrity.

Optimized Performance:

Faster Argon2id parameters for real-world use without sacrificing security.
Hardware-accelerated AES encryption for speed.

Session-Based Entropy:

Improved randomness using session IDs or random bytes.

Feared by Attackers:

A combination of modern cryptography, key rotation, and robust design makes DaggerX a nightmare for attackers.

Support DaggerX Development

DaggerX is free and open-source. If you find it useful, consider donating to support future development!
BTC Wallet Address:
[bc1qlza24cwwxlmtxm87lq7hltkya93aff6d5q496p]

Every donation helps keep DaggerX secure, fast, and feared by attackers for everyone.
Made with ❤️ by the DaggerX Team.
https://daggerx.vercel.app/

All versions of password-hasher with dependencies

PHP Build Version

Package Version

Version v3.0.0 Release 26. Mar 2025
create-project require 0 people chose require and
0 people chose create-project.

Download

Download latest version of password-hasher from vendor daggerx

Requires php Version >=8.0

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package daggerx/password-hasher contains the following files

Loading the files please wait ....