PHP 7.2.0 Release Candidate 4 Released

password_verify

(PHP 5 >= 5.5.0, PHP 7)

password_verifyVerifies that a password matches a hash

Description

boolean password_verify ( string $password , string $hash )

Verifies that the given hash matches the given password.

Note that password_hash() returns the algorithm, cost and salt as part of the returned hash. Therefore, all information that's needed to verify the hash is included in it. This allows the verify function to verify the hash without needing separate storage for the salt or algorithm information.

This function is safe against timing attacks.

Parameters

password

The user's password.

hash

A hash created by password_hash().

Return Values

Returns TRUE if the password and hash match, or FALSE otherwise.

Examples

Example #1 password_verify() example

<?php
// See the password_hash() example to see where this came from.
$hash '$2y$07$BCryptRequires22Chrcte/VlQH0piJtjXl.0t1XkA8pw9dMXTpOq';

if (
password_verify('rasmuslerdorf'$hash)) {
    echo 
'Password is valid!';
} else {
    echo 
'Invalid password.';
}
?>

The above example will output:

Password is valid!

See Also

ection id="laer&#nesmp;madit rtioutp://fr2.php.net/manual/en/function.password-verify.php"> mg src="/'mages/lonesadd panesa>.

Seer Suntrolibud byte tssecn class="fucou"> 5anes itle="PH82% likthatis...

iass="navbme Anonymousspem>strong>

aa hrass="clgenano&nr"ref="/"#11512> > &ra">;p>aa v idass="tide" typle="PH2014-05-29 01:40pa3 yeara pgostrong>

v>
iv class="phpcode"> If you getncluorrtio fso"retuspons anom.

t;?php
//hatisill ousults" istnvalid&n ssword i' ane hash is inpset=in ito 3sriables.s of r /> ash"y$07$Bspan> aryptRequires22Chrcte/Vspan>lQH0piJtjXl.0t1XkA8pw9dMXTpOq'<"span> //hatisill ousults" istnssword is valid! ' anriables.s areaneshpset=in iderahyg as. otes.p r /> ash2y$07$BCryptRequires22Chrcte/VlQH0piJtjXl.0t1XkA8pw9dMXTpOq' ssword_verify2smuslerdorf' ash2ssword is valid! 2valid&n ssword.' gt;
div> p>v>
mp;peves<=wnlotitle="PHVe thwnlo!class="cler&#nes
itle="PH66% likthatis...
iass="navbme chr allt weeonthwnshwespem>strong>

aa hrass="clgenano&nr"ref="/"#11864> &ra">;p>aa v idass="tide" typle="PH2016-01-14a12:09pa1 year pgostrong>

v>
iv class="phpcode"> e abnction isssword_verify()
ifIf you don'tswts.imoser& ssword_verify()
div> p>v>
mp;peves<=u title="PHVe thup!class="cler&#nesupa>
mp;peves<=wnlotitle="PHVe thwnlo!class="cler&#nes
Vasil Toshkovspem>strong>

aa hrass="clgenano&nr"ref="/"#113455 &ra">;p>aa v idass="tide" typle="PH20130-12-1 09:16pa4 yeara pgostrong>

v>
e function isc stbuser&to verify sh
ifpan class="dc-ault"> t;?php

ifash2y1$toHVx1uW$KIvW9yGZZSU/1YOidHeqJ//span> ssword_verify2smuslerdorf' ash2ssword is valid! 2valid&n ssword.' //htput gt;
div> p>v>
mp;peves<=u title="PHVe thup!class="cler&#nesupa>
mp;peves<=wnlotitle="PHVe thwnlo!class="cler&#nes
gorgonzllt webhwnshwespem>strong>

aa hrass="clgenano&nr"ref="/"#121648 &ra">;p>aa v idass="tide" typle="PH2017-09-18 09:53pa28 daya pgostrong>

v>
justhe giuorrtio nk re tophwillkipia=",eealn istphwinestps://edin.llkipia="rg/19llki/yptRe_(Cp>aa)span>
div> p>v>
mp;peves<=u title="PHVe thup!class="cler&#nesupa>
mp;peves<=wnlotitle="PHVe thwnlo!class="cler&#nes
suit lt rebellhwnshatspem>strong>

aa hrass="clgenano&nr"ref="/"#113493 &ra">;p>aa v idass="tide" typle="PH20130-12-8 07:18pa3 yeara pgostrong>

v>
As Vasil Toshkov srts
ifIf you wts.imosrify der=" ained MD5-Hh
ife Alphref="https://edin.llkipia="rg/19llki/yptRe_(Crel="rdnofoows typarg="ut_blank">tps://edin.llkipia="rg/19llki/yptRe_(Cp>aa)or thmorea ormation. span>
div> p>v> div>