John Davidson

php - password_hash returns different value every time


I'm making a login system, and I want to hash the passwords to make them more secure, but it returns a different hash every time, and can't even be verified using password_verify(), here is my code:

$password = password_hash($password4, PASSWORD_DEFAULT);

and here is my code for verifying:

if(password_verify($password4, $dbpassword))

My Answer:
The issue you are facing is likely due to the fact that you are generating a new hash every time you call `password_hash()`. This means that the hash you are trying to verify with `password_verify()` is different from the one that was originally stored in your database.

To fix this issue, you should only hash the password once during the registration process and then store the hashed password in your database. When a user tries to log in, you should retrieve the hashed password from the database and use `password_verify()` to check if the entered password matches the stored hash.

Here is an example of how you can modify your code:

During registration:
$password = password_hash($password4, PASSWORD_DEFAULT);
// Store $password in your database

During login:
// Retrieve $dbpassword from your database
if(password_verify($password4, $dbpassword)) {
// Password is correct
} else {
// Password is incorrect

By following this approach, you will ensure that the password hash is consistent and can be verified correctly using `password_verify()`.

Rate this post

3 of 5 based on 3858 votes


© 2024 - Personal Blogs Platform. All Rights Reserved.
Create blog  |  Privacy Policy  |  Terms & Conditions  |  Contact Us