Secure PHP Password Hashing: Verifying Passwords

Good hacker

Thanks, sir!

This help a lot dude, thanks. thumbs up

i am returning the password hash from db and it says it doesnt verified also if I copy paste the hash from db and make a verify myself then its working. But the returing result of the password is the same string. So wat am I doing wrong?

12 what? what can it handle? thx

Do these password expire if you don't login for a certain amount of time?

thanks, very good video. Remember, alter your column (password) of database to 60

This is not vert helpful, I am trying to find an example of how to verify against a database. Storing the password in a variable is easy to verify, but how do you retrieve the hashed password from the database?

very good

While this is fairly straight forward, getting it to check the hash'd passwords in the database is not. As surely putting the hash value of a user's password in the php file for verifiying is not practical, insecure and time consuming. As when entered passwords to login, for me it only validates if it's exactly how it's written in the database password field, so a password that's been stored as a hash value in the database only authenticates if that long hash string was entered into the password field if this makes any sense. If I entered the password I hash'd it would return a failed login attempt as it's expecting the long hash string.

Been trying to look around how to do this and not found anything relevent or straight forward. Been at this for a few days now and it's quite frustrating :/

Great series - very informative and straight forward. Thank you!

hi, great videos. I don't study computer science or cryptography so could someone explain why this algorithm can't be backwards engineered to give the original password? I mean hasn't the algorithm been published?

Thank you,
I had so much trouble to understand the password_hash and verify concept.
So glad to finally got it :)
Big thanks !!

very good video. I like it. I've tried it storing it in the database which was successful but upon verifying it, it returns a false value. If I do it manually (like this video) it returns true. May you please help?

If you do:
$test = 'abc';

echo password_verify($abc, $stored_password);

It doesn't seem to work while it should echo a 0, because it is false.

Cool.
Thanks for the explanation.

Thank u bro so much !!

how can use this verify password in register and login example

Such simple explanations, thanks!

This is quite silent.