Download the PHP package yarri/my-blowfish without Composer
On this page you can find all versions of the php package yarri/my-blowfish. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Informations about the package my-blowfish
MyBlowfish
MyBlowfish is a simple PHP class for password hashing and checking using the Blowfish (bcrypt) algorithm.
It was originally developed for ATK14 Framework, but it can be used in any application.
- Installation
- Basic usage
- Blowfish rounds
- Blowfish hash prefixes
- A popular integration into an ATK14 project
- Testing
- License
Installation
Basic usage
Blowfish rounds
The complexity of a Blowfish hash calculation can be affected by the number of rounds. The higher the value, the more time-consuming the password cracking process becomes. The default value in MyBlowfish is 12.
The number of rounds can be set by the constant MY_BLOWFISH_ROUNDS:
Beware that high values of Blowfish rounds may lead to unacceptably long hash calculation times.
Blowfish hash prefixes
Blowfish hashes are prefixed with either $2a$, $2b$ or $2y$. MyBlowfish can handle all of them.
The default prefix is $2y$, which is the recommended modern variant — it fixes a bug present in the original $2a$ implementation.
The default prefix can be changed via the constant MY_BLOWFISH_PREFIX:
A popular integration into an ATK14 project
Consider a table users which has among other fields login and password.
Passwords should never be stored in plain text — only as Blowfish hashes.
This can be achieved transparently in the model class User:
Let's test it in the ATK14 console:
Testing
MyBlowfish is tested automatically via GitHub Actions across PHP 5.6 to PHP 8.5.
Tests use the atk14/tester wrapper for phpunit/phpunit.
Install development dependencies:
Run the test suite:
License
MyBlowfish is free software distributed under the terms of the MIT license