Maximum length of generated hash when using password_hash?

by

From the password_hash documentation:

The following algorithms are currently supported:

PASSWORD_DEFAULT – Use the bcrypt algorithm (default as of PHP 5.5.0).
Note that this constant is designed to change over time as new and
stronger algorithms are added to PHP. For that reason, the length of
the result from using this identifier can change over time. Therefore,
it is recommended to store the result in a database column that can
expand beyond 60 characters (255 characters would be a good choice).

PASSWORD_BCRYPT – Use the CRYPT_BLOWFISH algorithm to create the hash.
This will produce a standard crypt() compatible hash using the “$2y$”
identifier. The result will always be a 60 character string, or FALSE
on failure.

Therefore, using PASSWORD_BCRYPT, the result of password_hash will be a 60 character string.

More Related Contents:

  1. Where to put password_verify in login script?
  2. bcrypt and randomly generated salts
  3. Call to undefined function password_hash()
  4. How to make array inside in foreach loop – php? [closed]
  5. Please rectify this syntax error echo ” ” Add to cart “”; [closed]
  6. Can anyone help me what is wrong in this code ajax using with php? [closed]
  7. MySQL vs MySQLi when using PHP [closed]
  8. Get the first element of an array
  9. PHP Elvis operator vs null coalescing operator
  10. PHP preg_match to find multiple occurrences
  11. Convert command line cURL to PHP cURL
  12. Facebook API – How do I get a Facebook user’s profile image through the Facebook API (without requiring the user to “Allow” the application)
  13. mysqli_stmt::bind_param(): Number of elements in type definition string doesn’t match number of bind variables
  14. How to access dynamic variable names in twig?
  15. How can I truncate a string to the first 20 words in PHP?
  16. IP Address of the machine in PHP gives ::1 but why?
  17. Casting an Array with Numeric Keys as an Object
  18. how to write javascript code inside php
  19. Store procedures in phpMyAdmin
  20. Which tokens can be parameterized in PDO prepared statements?
  21. What are the differences between composer update and composer install?
  22. Multiple javascript/css files: best practices?
  23. Using PHP/Apache to restrict access to static files (html, css, img, etc)
  24. How can I detect a malformed UTF-8 string in PHP?
  25. How to implode array with key and value without foreach in PHP
  26. Access first level keys with array_map() without calling `array_keys()`
  27. PHP – How to get Shell errors echoed out to screen
  28. Troubleshooting “The use statement with non-compound name … has no effect”
  29. Can anyone give me an example for PHP’s CURLFile class?
  30. Create PHP array from MySQL column

Leave a Comment