Can password_verify php work with any arguments?
I already know how to use password_verify and password_hash functions, but I don't really understand how they work.
When I use them I do something like that:
$save_hash = password_hash( $password, PASSWORD_DEFAULT );
$check = password_verify( $password, $hash );
How can password_verify know the algorithm used, the salt and the cost? The PHP official documentation say this:
Note that password_hash() returns the algorithm, cost and salt as part of the returned hash. Therefore, all information that's needed to verify the hash is included in it. This allows the verify function to verify the hash without needing separate storage for the salt or algorithm information.
But I don't really understand why all that information is included in the hash, so a possible attacker will know too. So, if attackers know the salt, why is it secure? They only have to put the salt at the beginning and try a brute force attack the same way they would do without a salt. What am I wrong about?
How can password_verify php know the algorithm used, the salt and the cost?
$save_hash looks like this:
$2y$10$nmqlFAguURkkWhjgn7LP7.QxLw2fQ9GYSkiaEbypgXg6L4bESC.Mu
Which is a bunch of fields separated by $:
What Means this
2y Type of hash, in this case bcrypt10 The cost
- Salt and password hash The first 22 characters are salt, the remainder is the hash
- So, yes, all the information required to mount a brute-force attack on the password is there.
But I don't really understand why all that information is included in the hash, so a possible attacker will know too. So, if attackers know the salt, why is it secure? The salt is not designed to be secret; it is designed to be distinct for each user, meaning that an attacker will have to adjust their attack for each user. Without salts, every user with "p@ssw0rd" as their password would have the same exact hashed password, and the attacker would only need to crack it once. With salts, the attacker has to do the work separately for each user/salt. As an example, let's take 100 users. Without salts, an attacker needs 10 tries to test 10 passwords. With salts, the attacker needs 1000 tries to test 10 passwords. The cost of the attack is multiplied by the number of salts.