Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
995 views
in Technique[技术] by (71.8m points)

PHP: Does password_hash() check if the hash generated is unique? (Understanding!)

Simple question because i did not find a really helping answer on google: Does the password_hash() function also check if there is already such a hash generated for instance in the userdata file? I basically get what the function is doing, but i am fairly new to php, so i was not really able to see if the password is checked for uniqueness.

Please be gentle on this noob question right here. I simply want to understand what i am using right there, and not only do it because my exercise sheet at university tells me so.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

The password_hash() function is designed in a way that duplicates are extremely unlikely, so from the view of a developer, it is of no concern that two hashes could theoretically be the same.

Because of the properties of the password_hash() function and because it generates a random salt for each password...

  1. the chance that the function generates a duplicate is incredible small, even if two users use the same password, the function would generate different hashes
  2. one cannot search for the hash anyway, you need another search key like the username, so a duplicate wouldn't be a problem neither.

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...