{"id":13409652,"url":"https://github.com/rchouinard/phpass","last_synced_at":"2025-12-24T04:23:39.829Z","repository":{"id":60774667,"uuid":"2291834","full_name":"rchouinard/phpass","owner":"rchouinard","description":"PHP Password Library: Easy, secure password management for PHP","archived":false,"fork":false,"pushed_at":"2016-07-20T17:02:57.000Z","size":1247,"stargazers_count":245,"open_issues_count":5,"forks_count":28,"subscribers_count":14,"default_branch":"master","last_synced_at":"2024-09-07T08:41:26.760Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://rchouinard.github.com/phpass/","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rchouinard.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2011-08-29T23:39:01.000Z","updated_at":"2024-07-18T13:12:13.000Z","dependencies_parsed_at":"2022-10-04T15:46:33.046Z","dependency_job_id":null,"html_url":"https://github.com/rchouinard/phpass","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rchouinard%2Fphpass","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rchouinard%2Fphpass/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rchouinard%2Fphpass/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rchouinard%2Fphpass/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rchouinard","download_url":"https://codeload.github.com/rchouinard/phpass/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243285616,"owners_count":20266848,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T20:01:02.568Z","updated_at":"2025-12-24T04:23:39.792Z","avatar_url":"https://github.com/rchouinard.png","language":"PHP","funding_links":[],"categories":["PHP"],"sub_categories":[],"readme":"PHP Password Library\n====================\n\nThe PHP Password Library is designed to ease the tasks associated with working with passwords in PHP. It is capable of generating strong cryptographic password hashes, verifying supplied password strings against those hashes, and calculating the strength of a password string using various algorithms.\n\nThis project was inspired by [Openwall's portable hashing library for PHP](http://openwall.com/phpass/) and [PassLib for Python](http://packages.python.org/passlib/).\n\nFeatures\n--------\n\n * Create and verify secure password hashes with only a few lines of code.\n * Supports bcrypt and PBKDF2 out of the box.\n * Easily extend to support additional hashing methods.\n * Additional password strength component based on well-known algorithms.\n * Follows the [PSR-0](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-0.md) standard for autoloader compatibility.\n\nInstallation\n------------\n\n### PEAR\n\nInstalling via PEAR is a simple matter of including the [PEAR channel](http://rchouinard.github.com/pear/) and installing the `rych/PHPass` package.\n\n```bash\npear channel-discover rchouinard.github.com/pear\npear install rych/PHPass-2.1.0-alpha\n```\n\n### Composer\n\n[Composer](http://getcomposer.org/) is an easy way to manage dependencies in your PHP projects. The PHP Password Library can be found in the default [Packagist](http://packagist.org/) repository.\n\nAfter installing Composer into your project, the PHP Password Library can be installed by adding the following lines to your `composer.json` file and running the Composer command line tool:\n\n```json\n{\n  \"require\": {\n    \"rych/phpass\": \"2.1.0-dev\"\n  }\n}\n```\n\nUsage\n-----\n\n### Hashing passwords\n\nThe library provides the ability to generate strong cryptographic hashes of user passwords using a variety of methods. Each method may be customized as needed, and may also be combined with HMAC hashing when using the base class.\n\n#### Examples\n\nUse the default bcrypt adapter:\n\n```php\n\u003c?php\n// Default configuration - bcrypt adapter, 2^12 (4,096) iterations\n$phpassHash = new \\Phpass\\Hash;\n```\n\nUse the PBKDF2 adapter:\n\n```php\n\u003c?php\n// Customize hash adapter - PBKDF2 adapter, 15,000 iterations\n$adapter = new \\Phpass\\Hash\\Adapter\\Pbkdf2(array (\n    'iterationCount' =\u003e 15000\n));\n$phpassHash = new \\Phpass\\Hash($adapter);\n```\n\nCreate and verify a password hash:\n\n```php\n\u003c?php\n// Create and verify a password hash from any of the above configurations\n$passwordHash = $phpassHash-\u003ehashPassword($password);\nif ($phpassHash-\u003echeckPassword($password, $passwordHash)) {\n    // Password matches...\n} else {\n    // Password doesn't match...\n}\n```\n\n### Calculating password strength\n\nThere are many different ways to calculate the relative strength of a given password, and this library supports a few of the most common. Each method returns a number which represents the estimated entropy for the given password. It's up to the developer to determine the minimum calculated entropy to accept. Combined with a sensible password policy, this can be a valuable tool in selecting strong passwords.\n\n#### Examples\n\nCalculate a password's entropy using [NIST recommendations](http://en.wikipedia.org/wiki/Password_strength#NIST_Special_Publication_800-63):\n\n```php\n\u003c?php\n// Default configuration (NIST recommendations)\n$phpassStrength = new \\Phpass\\Strength;\n\n// Returns 30\n$passwordEntropy = $phpassStrength-\u003ecalculate('MySecretPassword');\n```\n\nCalculate a password's entropy using [Wolfram Alpha's algorithm](http://www.wolframalpha.com/input/?i=password+strength+for+qwerty2345#):\n\n```php\n\u003c?php\n// Custom strength adapter (Wolfram algorithm)\n$adapter = new \\Phpass\\Strength\\Adapter\\Wolfram;\n$phpassStrength = new \\Phpass\\Strength($adapter);\n\n// Returns 59\n$passwordEntropy = $phpassStrength-\u003ecalculate('MySecretPassword');\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frchouinard%2Fphpass","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frchouinard%2Fphpass","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frchouinard%2Fphpass/lists"}