1
I’m having trouble with password_verify (). A few days ago, the same password and hash worked perfectly. Today, password_verify returns false, but I know the password is correct.
$senhaC = '$2y$10$15rGMwy5CEHaLrNzEEwaZ.G2.VbhumhXtcORad0cC7W6SkjuZ.XJG';
$senha = 'tgipassword';
var_dump(password_get_info($senhaC));
if (password_verify($senha, $senhaC)) {
echo 'Ok';
}
else {
echo 'No Ok';
}
var_dump returns:
array (size=3)
'algo' => int 1
'algoName' => string 'bcrypt' (length=6)
'options' =>
array (size=1)
'cost' => int 10
When it was created and saved in the bank it was using:
$options = [
'cost' => 10
];
$senhaC = password_hash('tgipassword', PASSWORD_DEFAULT, $options);
I do a search in the bank it returns me this hash but in the verification with the correct password returns false, the strange thing is that I used this password a few days ago checking as true and I know that the password was not changed.
Ever tried to update the password? to see?
– Everton Figueiredo
Did not set any jump on
password_hash?– William Aparecido Brandino
The php version has changed?
– Miguel
When I do the function of my software that will govern the password, I put the same it will govern and it works. The strange thing is not working something that was.
– mrjgeek
The PHP version was not changed, I did not configure any salt. I only used that described in the question, cost 10 and PASWORD_DEFAULT.
– mrjgeek
My fear is a user trying to log in and not working saying the password is wrong and the password is right.
– mrjgeek