From 6d62e643f7a75dff69c4cf42edaaf04bf1961cdb Mon Sep 17 00:00:00 2001 From: Sean DuBois Date: Thu, 6 Dec 2012 04:44:29 -0500 Subject: [PATCH] The example I had before is not actually helpful for users, this one is much more relevant --- _posts/07-03-01-Password-Hashing.md | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/_posts/07-03-01-Password-Hashing.md b/_posts/07-03-01-Password-Hashing.md index 8d3d03a..cb611bf 100644 --- a/_posts/07-03-01-Password-Hashing.md +++ b/_posts/07-03-01-Password-Hashing.md @@ -12,20 +12,16 @@ It is important that you properly [_hash_][3] passwords before storing them. Pas In PHP 5.5 `password_hash` will be introduced. At this time it is using BCrypt, the strongest algorithm currently supported by PHP. It will updated in the future to support more algorithms as needed though. The `password_compat` library was created to provide forward compatibility for PHP >= 5.3.7. -Below we hash two strings, but because the two hashes do not match the user will be denied login. +Below we hash a string, we then check the hash against a new string. Because our two source strings are different ('secret-password' vs. 'bad-password') this login will fail. {% highlight php %}