netsilik / peppered-passwords
Secure password hashing using HMAC before (BCrypt) Hash.
Installs: 1 618
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 2
Forks: 3
Open Issues: 0
Requires
- php: ^7.0 || ^8.0
This package is auto-updated.
Last update: 2024-11-26 21:35:51 UTC
README
Secure password hashing using HMAC before (BCrypt) Hash.
MIT Licence
Unless required by applicable law or agreed to in writing, software distributed under the Licence is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
Contact: info@netsilik.nl
Latest version available at: https://gitlab.com/Netsilik/PepperedPasswords
Installation
composer require netsilik/peppered-passwords
Usage
Hashing new passwords
<?php
namespace My\Name\Space;
use Netsilik\Lib\PepperedPasswords;
$pepper = hex2bin(env('PEPPER')); // The binary pepper value, stored as a hexadecimal string
$hasher = new PepperedPasswords($pepper);
$hash = $hasher->hash($new_plaintext_password); // Story $hash in the user's record
Verifying passwords
<?php
namespace My\Name\Space;
use Netsilik\Lib\PepperedPasswords;
$pepper = hex2bin(env('PEPPER')); // The binary pepper value, stored as a hexadecimal string
$hasher = new PepperedPasswords($pepper);
if ($hasher->verify($new_plaintext_password, $hash)) { // $hash retrieved from the user's record
echo 'Password ok.';
} else {
echo 'Wrong credentials.';
}