Stack Overflow
Stack Overflow

Questions tagged [phpass]

phpass is a portable public domain password hashing framework for use in PHP applications.

phpass is a portable public domain password hashing framework for use in PHP applications. It is meant to work with PHP 3 and above.

The preferred (most secure) hashing method supported by phpass is the OpenBSD-style Blowfish-based bcrypt, known in PHP as CRYPT_BLOWFISH, with a fallback to BSDI-style extended DES-based hashes, known in PHP as CRYPT_EXT_DES, and a last resort fallback to MD5-based salted and variable iteration count password hashes implemented in phpass itself (also referred to as portable hashes).

phpass is integrated into various open-source projects, most notably WordPress. A modified version of phpass is used in Drupal.

93 questions
0
votes
1 answer

phpass autologin?

How are you supposed to create an autologin feature on your webpage using phpass as encryption of the passwords? I mean, the way it checks the password is by giving the CheckPassword method the password in clear-text and a hashed string of that…
Eric
  • 18,532
  • 2
  • 34
  • 39
0
votes
1 answer

Is it possible to rewrite encryption from MD5 to PHPass without losing data?

I've inherited a migration project. The legacy database has PHPass encryption and the new database is MD5. Is it possible to "upgrade" from MD5 to PHPass and keep data integrity?
Sully
  • 1
0
votes
1 answer

I am using jQuery to post a php file, I am getting 500 internal server file, Why?

I am building a jQuery file to validate user input for login on a wordpress site. I have made functions to check the wordpress database for usernames, emails, and passwords. I have the functions working perfectly for usernames and emails, however…
Jacob Boyd
  • 672
  • 3
  • 19
0
votes
1 answer

PHPass producing warning: is_readable() [function.is-readable]: open_basedir restriction in effect

I'm using PHPass to encrypt passwords stored in my database. When running this code: if (is_readable('/dev/urandom') && ($fh = @fopen('/dev/urandom', 'rb'))) { ... } it produces this warning: Warning: is_readable() [function.is-readable]:…
Marcus
  • 6,697
  • 11
  • 46
  • 89
0
votes
2 answers

Using PHPass to hash password trouble

I am using PHPASS to store password encrypted and compare when login. here is the code ob_start(); $userName = $password = ""; $userNameErr = $passwordErr = $loginErr = ""; $hasher = new PasswordHash(8, false); if (isset($_POST['subEmployee'])) { …
Yousef Altaf
  • 2,631
  • 4
  • 46
  • 71
0
votes
0 answers

PHPass CheckPassword Always Returns False using PHP5.3

I am using PHPass and the CheckPassword function is ALWAYS returning a false despite everything I have tried and tested. I am doing this for an older PHP version of 5.3 (unfortunately) so there must be a nuance I am missing? Password Database Table…
TommyRay
  • 131
  • 8
0
votes
0 answers

phpass different results in local and host

I just put my project from localhost to my host and using the same (phpass) function I receive different results and the length of the returned string is also different. (and everything works on localhost.) Here's the result: Input:…
Cha
  • 41
  • 2
  • 7
0
votes
1 answer

Portion of Hashed password seen as variable by MySQL

Using phpass to generate hashes, the following string is generated: $2a$08$KHiiru4yzYh141GUh2xIMew//bCc7rxMuY1rtDApwA66/czIiurLi Then a standard query: "INSERT INTO su_auth ( AuthAlias, AuthUsername, …
Eamonn
  • 1,338
  • 2
  • 21
  • 53
0
votes
1 answer

How do I get information from a database using PDO?

I'm trying to create a login function that checks the password against the one I have stored in the database. I have used phpass to hash the password before it is entered if that is relevant. This is my code so far; obviously the check will not work…
carlgoodtoseeyou
  • 27
  • 1
  • 9
0
votes
1 answer

Registration page: Storing password using PHPASS

I'm attempting to store my users passwords using phpass but I'm struggling to implement it correctly. I had working code but I was storing my password as text, which I've learned is not safe. According to phpbestpractices.org the most secure way is…
carlgoodtoseeyou
  • 27
  • 1
  • 9
0
votes
1 answer

PHPass refuses to check hashes

include 'lib/php/PasswordHash.php'; $hash = $_GET['hash']; $pass = $_GET['pass']; $hasher = new PasswordHash(8, false); $pass = $hasher->HashPassword($pass); echo "Original:
" . $pass . "
"; $checked = $hasher->CheckPassword($pass,…
Peter Clotworthy
  • 144
  • 3
  • 13
0
votes
2 answers

Laravel password encryption

I'm bringing a web application from PHP core to Laravel 4. In the current application passwords are encrypted with phpass. Encrypted passwords of phpass are compatible with the encryption of laravel? or I have to implement phpass on laravel? Thanks.
Carmelo Pullara
  • 83
  • 1
  • 7
0
votes
1 answer

Adding namespace to phpass (or any class)

I am using http://www.openwall.com/phpass/ for hashing. I wish to add namespace to it, and added the single line as shown below. I then create my object,…
user1032531
  • 24,767
  • 68
  • 217
  • 387
0
votes
1 answer

phpass matching input password with stored password

I used phpass to hash my password on Insert as follows public function addAdmin(){ $this->load->library('phpass'); $this->load->database(); $psw = 'admin1234'; $hashed = $this->phpass->hash($psw); $now =…
Dilukshan Mahendra
  • 3,230
  • 7
  • 41
  • 62
0
votes
1 answer

PHPass: custom character set for hashes

I'm using PHPass to hash passwords and other authorization tasks. In one or two instances, I want to pass a hash as a parameter in a URL: example.com/verify/foobar/$P$Dg2Ytir3E4xSCEkRzB4W5jsPBQ2u6n0 Out of the box, PHPass uses . and / in the…
emersonthis
  • 32,822
  • 59
  • 210
  • 375
1 2 3 4
5
6 7