password_hash
Creates a password hash using a strong one-way hashing algorithm for secure password storage.
Parameters
main.php
Return Values
string
Returns the hashed password including algorithm, cost, and salt
On success:Hashed password string that includes all necessary verification information
On failure:false on failure (rare with proper usage)
Notes
- Always use PASSWORD_DEFAULT for maximum future compatibility
- Automatically generates cryptographically secure salt
- Hash result includes algorithm info needed for verification
- Use password_verify() to check passwords against stored hashes
Changelog
- 8.0.0: password_hash() no longer returns false on failure
- 7.0.0: salt option deprecated, removed in 8.0.0
Related Functions
strlen
StringReturns the length of a string in bytes.
lengthvalidationsecurity
htmlspecialchars
SecurityConverts special characters to HTML entities to prevent XSS attacks and ensure safe HTML output.
securityxsssanitize
filter_var
ValidationFilters a variable with a specified filter, used for validating and sanitizing data.
validatesanitizesecurity