PHPass 0.3

PHPass

PHPass is a portable public domain password hashing framework for use in PHP applications. This is a portable public domain password hashing framework for use in PHP applications. It is meant to work with PHP 3 and above, and it has actually been tested with at least PHP 3.0.18, 4.3.x, 4.4.x, 5.0.x, 5.1.x, and 5.2.x so far.

The preferred (most secure) hashing method supported by phpass is the OpenBSD-style Blowfish-based bcrypt, also supported with our public domain crypt_blowfish package (for C applications), and known in PHP as CRYPT_BLOWFISH, with a fallback to BSDI-style extended DES-based hashes, known in PHP as CRYPT_EXT_DES, and a last resort fallback to an MD5-based variable iteration count password hashing method implemented in phpass itself.

To ensure that the fallbacks will never occur, the Suhosin patch may be used. Suhosin integrates crypt_blowfish into the PHP interpreter such that bcrypt is available for use by PHP scripts even if the host system lacks support for it. Hopefully, future versions of PHP will do the same.

Included in the package are a PHP source file implementing the PasswordHash PHP script, a tiny PHP application demonstrating the use of the PasswordHash script, and a C reimplementation of the last resort password hashing method (used for testing the correctness of the primary implementation only).

License type: Open Source License
Date added: 1 year, 9 months 19 days ago | Last updated: 1 year, 9 months 11 days ago

More popular Framework

Listing Files

phpass-0.3
c
  • Makefile
  • 467 Bytes
  • 05/31/2005 07:24:02
  • crypt_private.c
  • 2.2 KB
  • 04/07/2010 23:22:32