Skip to content
/ PepperedPasswords Public

Secure password hashing using HMAC before (BCrypt) Hash

License

MIT license
2 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Netsilik/PepperedPasswords

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
src
src
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
License.txt
License.txt
 
 
Readme.md
Readme.md
 
 
composer.json
composer.json
 
 

Repository files navigation

Peppered Password Hashing

Secure password hashing using HMAC before (BCrypt) Hash.

MIT Licence

Unless required by applicable law or agreed to in writing, software distributed under the Licence is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

Contact: info@netsilik.nl
Latest version available at: https://gitlab.com/Netsilik/PepperedPasswords

Installation

composer require netsilik/peppered-passwords

Usage

Hashing new passwords

<?php
namespace My\Name\Space;

use Netsilik\Lib\PepperedPasswords;

$pepper = hex2bin(env('PEPPER')); // The binary pepper value, stored as a hexadecimal string

$hasher = new PepperedPasswords($pepper);
$hash = $hasher->hash($new_plaintext_password); // Story $hash in the user's record

Verifying passwords

<?php
namespace My\Name\Space;

use Netsilik\Lib\PepperedPasswords;

$pepper = hex2bin(env('PEPPER')); // The binary pepper value, stored as a hexadecimal string

$hasher = new PepperedPasswords($pepper);
if ($hasher->verify($new_plaintext_password, $hash)) { // $hash retrieved from the user's record
    echo 'Password ok.';
} else {
    echo 'Wrong credentials.'; 
}

About

Secure password hashing using HMAC before (BCrypt) Hash

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

2 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

3 tags

Packages

 
 
 

Contributors

Languages