My question here is, is there a way to use password_verify to verify a hashed password.
Like:
Code: Select all
<?php
password_verify($hashedPW, $hashedPWFromDB);
?>Moderator: General Moderators
Code: Select all
<?php
password_verify($hashedPW, $hashedPWFromDB);
?>That's the whole point of password_verifyPazuzu156 wrote:is there a way to use password_verify to verify a hashed password
No, you need to compare the password against the hash. If you were comparing hashed passwords, it would be a simple string compare.Pazuzu156 wrote:I wonder this because when the verify function is being called, the password has already been hashed.Code: Select all
<?php password_verify($hashedPW, $hashedPWFromDB); ?>
True, however, notice when you hash the same password, the hashes always come out different. I'm also using the BCrypt hashCelauran wrote: No, you need to compare the password against the hash. If you were comparing hashed passwords, it would be a simple string compare.