Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cannot verify the password after hashing #91

Open
jackyshek opened this issue Nov 25, 2015 · 1 comment
Open

Cannot verify the password after hashing #91

jackyshek opened this issue Nov 25, 2015 · 1 comment

Comments

@jackyshek
Copy link

I have tested the password_verify of PHP that does not verify correctly. I am using centOS and PHP version 5.3.3.
It is always to return true with different passwords when i verify it. Is my code has bug?

Here is my code:

$password = 'k32AlGOPqvCzoh*Sp(Hdrr26]M=lQb00R&W=hew|-|([(03vp==A8%m?l=eA2^bs_|\qVV3WZ';

$verify_pw = 'k32AlGOPqvCzoh*Sp(Hdrr26]M=lQb00R&W=hew|-|([(03vp==A8%m?l=eA2^bs_|\qVV3WZasdasdasdasdqweqa13123';

$options = array(
            'cost' => 15
        );

$hash = password_hash($password, PASSWORD_BCRYPT,$options);

var_dump(password_verify($verify_pw ,$hash)); // sometime true sometime false
@lode
Copy link

lode commented Nov 25, 2015

From the requirements on the homepage:

This library requires PHP >= 5.3.7 OR a version that has the $2y fix backported into it (such as RedHat provides). Note that Debian's 5.3.3 version is NOT supported.

See also #90 or #10.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants