Stack Overflow
Stack Overflow

Questions tagged [phpass]

phpass is a portable public domain password hashing framework for use in PHP applications.

phpass is a portable public domain password hashing framework for use in PHP applications. It is meant to work with PHP 3 and above.

The preferred (most secure) hashing method supported by phpass is the OpenBSD-style Blowfish-based bcrypt, known in PHP as CRYPT_BLOWFISH, with a fallback to BSDI-style extended DES-based hashes, known in PHP as CRYPT_EXT_DES, and a last resort fallback to MD5-based salted and variable iteration count password hashes implemented in phpass itself (also referred to as portable hashes).

phpass is integrated into various open-source projects, most notably WordPress. A modified version of phpass is used in Drupal.

93 questions
4
votes
1 answer

phpass: why would HashPassword fail?

I'm reading phpass manual. At some point, it checks the result of the hashing like this: $hash = $hasher->HashPassword($pass); if (strlen($hash) < 20) fail('Failed to hash new password'); I understand that's the minimum lenght for a phpass…
bigstones
  • 15,087
  • 7
  • 65
  • 82
3
votes
1 answer

PHP Password Hash - PHPass

I'm checking out the PHPass Library that has been recommended in a lot of answers here on SO. But when I look at the generated passwords, I see something like this: Now some of these are just 1234, some are a bit more complex. Some are really…
DS.
  • 2,846
  • 4
  • 30
  • 35
3
votes
1 answer

phpass authentication fails in Yii

I'm trying to implement an phpass authentication in Yii, however it fails everytime. I've been reading many SO articles and haven't found a solution yet, so I'm thinking this must be a Yii specific issue. In User.php I'm saving the hashed…
keeg
  • 3,990
  • 8
  • 49
  • 97
2
votes
2 answers

Generate same password hash using PHPass

I am in the process of converting a site from Wordpress to a custom CMS developed in Codeigniter. I was told that Wordpress uses PHPass to hash their passwords, so I am using the PHPass library (as outlined at this site) in an attempt to seamlessly…
Motive
  • 3,071
  • 9
  • 40
  • 63
2
votes
1 answer

phpass hash similar functionality in swift

My wordpress backend is using phpass hash algorithm and giving me phpass using web service. In ios end in swift I am trying to generate same phpass hash in swift. Below are codes in swift and php. Both have same input but output is different. So…
Susim Samanta
  • 1,605
  • 1
  • 14
  • 30
2
votes
0 answers

Phpass throwing internal server error

I have a folder named API, inside which I have my .php files. The files are new_user.php (the source file), a file called db_connexion.php (which opens a PDO connection to my mySQL database) and a Phpass file called PasswordHash.php. Following this…
Miha Šušteršič
  • 9,742
  • 25
  • 92
  • 163
2
votes
3 answers

Using PHPass to hash passwords in Codeigniter

Just want to use PHPass in Codeigniter to hash the password. I downloaded the zip file from phpass website, extracted the content, and copied the PasswordHash.php file into my libraries folder. Then I loaded that library in my controller and tried…
EducateYourself
  • 971
  • 2
  • 13
  • 32
2
votes
1 answer

How to use PHPass to store passwords and compare during login

I have inserted a userid and password (phpass encrypted) to the database When a user logs in, the system compares for the matching userid and password But since I'm comparing the input password with the stored password by hashing the input…
Dilukshan Mahendra
  • 3,230
  • 7
  • 41
  • 62
2
votes
1 answer

Re-use of database with PHPass passwords

Just need a little advice. I have a website based on CodeIgniter and using TankAuth and PHPass. I want to recode the website with another framework (Symfony 2). Is there any way to allow user to log with their existing password or do I absolutely…
Valentin
  • 503
  • 1
  • 3
  • 15
2
votes
1 answer

phpass CheckPassword function always returns false, while trying to login. Newbie issue

Been trying to find solution in forums, and in stack's questions, but no results so you are my last hope. I'm using phpass for password encryption, sign up script works just fine, but when I try to login and use CheckPassword function it always…
user2699508
  • 61
  • 10
2
votes
1 answer

Migrating passwords from PHP site to Rails site

I have a php site with several thousand users that is using PHPass for password hashing. I've written a new Rails site that is using Devise for authentication. I'm trying to seamlessly migrate users over to the new rails site. Does anyone know a way…
Arel
  • 3,888
  • 6
  • 37
  • 91
2
votes
1 answer

Phpass - how to check login username and password against username and password hash in database

I have successfully used Phpass to hash registered users passwords and store them in a database, now i am stuck on the login how to check the sumbitted username and password, checking the username exists in the database then checking the hashed…
neeko
  • 1,930
  • 8
  • 44
  • 67
1
vote
1 answer

PHPass error: function name must be a string

I get this error with PHPass: Warning: is_readable(): open_basedir restriction in effect. File(/dev/urandom) is not within the allowed path(s): …
Deniz Zoeteman
  • 9,691
  • 26
  • 70
  • 97
1
vote
1 answer

I can't run the Phpass tests

Anyone know exaclty what's going wrong, I'm running Ubuntu (server) and have apache 2.2.14-5 and php 5.3.2-1 installed. When accessing the test.php file I get a HTTP 500 error. Here's what I get in my error.log [Thu Oct 27 16:15:41 2011] [error]…
Jonny Barnes
  • 515
  • 1
  • 12
  • 28
1
vote
2 answers

Why does phpass return different hashes for the same input string?

I'm used to having hashing algorythms return always the same hash. Why does phpass library return always different hashes? Does it have something to do with the IV? (I never fully understood that concept)
HappyDeveloper
  • 12,480
  • 22
  • 82
  • 117
1
2
3 4 5 6 7