<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>Predefined Constants</title> </head> <body><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="password.resources.html">Resource Types</a></div> <div class="next" style="text-align: right; float: right;"><a href="ref.password.html">Password Hashing Functions</a></div> <div class="up"><a href="book.password.html">Password Hashing</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div><hr /><div id="password.constants" class="appendix"> <h1>Predefined Constants</h1> <p class="simpara"> The constants below are always available as part of the PHP core. </p> <p class="para"> <dl> <dt id="constant.password-bcrypt"> <strong><code>PASSWORD_BCRYPT</code></strong> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) </dt> <dd> <p class="para"> <strong><code>PASSWORD_BCRYPT</code></strong> is used to create new password hashes using the <strong><code>CRYPT_BLOWFISH</code></strong> algorithm. </p> <p class="para"> This will always result in a hash using the "$2y$" crypt format, which is always 60 characters wide. </p> <p class="para"> Supported Options: </p> <ul class="itemizedlist"> <li class="listitem"> <p class="para"> <em>salt</em> (<span class="type"><a href="language.types.string.html" class="type string">string</a></span>) - to manually provide a salt to use when hashing the password. Note that this will override and prevent a salt from being automatically generated. </p> <p class="para"> If omitted, a random salt will be generated by <span class="function"><a href="function.password-hash.html" class="function">password_hash()</a></span> for each password hashed. This is the intended mode of operation and as of PHP 7.0.0 the salt option has been deprecated. </p> </li> <li class="listitem"> <p class="para"> <em>cost</em> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) - which denotes the algorithmic cost that should be used. Examples of these values can be found on the <span class="function"><a href="function.crypt.html" class="function">crypt()</a></span> page. </p> <p class="para"> If omitted, a default value of <em>10</em> will be used. This is a good baseline cost, but you may want to consider increasing it depending on your hardware. </p> </li> </ul> </dd> <dt id="constant.password-argon2i"> <strong><code>PASSWORD_ARGON2I</code></strong> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) </dt> <dd> <p class="para"> <strong><code>PASSWORD_ARGON2I</code></strong> is used to create new password hashes using the Argon2 algorithm. </p> <p class="para"> Supported Options: </p> <ul class="itemizedlist"> <li class="listitem"> <p class="para"> <em>memory_cost</em> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) - Maximum memory (in bytes) that may be used to compute the Argon2 hash. Defaults to <strong><code>PASSWORD_ARGON2_DEFAULT_MEMORY_COST</code></strong>. </p> </li> <li class="listitem"> <p class="para"> <em>time_cost</em> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) - Maximum amount of time it may take to compute the Argon2 hash. Defaults to <strong><code>PASSWORD_ARGON2_DEFAULT_TIME_COST</code></strong>. </p> </li> <li class="listitem"> <p class="para"> <em>threads</em> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) - Number of threads to use for computing the Argon2 hash. Defaults to <strong><code>PASSWORD_ARGON2_DEFAULT_THREADS</code></strong>. </p> </li> </ul> <p class="para"> Available as of PHP 7.2.0. </p> </dd> <dt id="constant.password-argon2id"> <strong><code>PASSWORD_ARGON2ID</code></strong> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) </dt> <dd> <p class="para"> Available as of PHP 7.3.0. </p> </dd> <dt id="constant.password-argon2-default-memory-cost"> <strong><code>PASSWORD_ARGON2_DEFAULT_MEMORY_COST</code></strong> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) </dt> <dd> <p class="para"> Default amount of memory in bytes that Argon2lib will use while trying to compute a hash. </p> <p class="para"> Available as of PHP 7.2.0. </p> </dd> <dt id="constant.password-argon2-default-time-cost"> <strong><code>PASSWORD_ARGON2_DEFAULT_TIME_COST</code></strong> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) </dt> <dd> <p class="para"> Default amount of time that Argon2lib will spend trying to compute a hash. </p> <p class="para"> Available as of PHP 7.2.0. </p> </dd> <dt id="constant.password-argon2-default-threads"> <strong><code>PASSWORD_ARGON2_DEFAULT_THREADS</code></strong> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) </dt> <dd> <p class="para"> Default number of threads that Argon2lib will use. </p> <p class="para"> Available as of PHP 7.2.0. </p> </dd> <dt id="constant.password-default"> <strong><code>PASSWORD_DEFAULT</code></strong> (<span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span>) </dt> <dd> <p class="para"> The default algorithm to use for hashing if no algorithm is provided. This may change in newer PHP releases when newer, stronger hashing algorithms are supported. </p> <p class="para"> It is worth noting that over time this constant can (and likely will) change. Therefore you should be aware that the length of the resulting hash can change. Therefore, if you use <strong><code>PASSWORD_DEFAULT</code></strong> you should store the resulting hash in a way that can store more than 60 characters (255 is the recomended width). </p> <p class="para"> Values for this constant: </p> <ul class="itemizedlist"> <li class="listitem"> <span class="simpara"> PHP 5.5.0 - <strong><code>PASSWORD_BCRYPT</code></strong> </span> </li> </ul> </dd> </dl> </p> </div> <hr /><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="password.resources.html">Resource Types</a></div> <div class="next" style="text-align: right; float: right;"><a href="ref.password.html">Password Hashing Functions</a></div> <div class="up"><a href="book.password.html">Password Hashing</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div></body></html>