Password_verify does not return the correct one

1

I am trying to use the function password_verify, but it is not returning the correct result; for example:

$senha = "151201";

$hash = "dc123878c3ceb4b521c7531ecaa93b53";

if(password_verify($senha, $hash)){
    $teste = "Senha correta";
    echo $teste;
} else {
    $teste = "Senha incorreta";
    echo $teste;
}

The variable $hash was assigned the string dc123878c3ceb4b521c7531ecaa93b53, which was generated on the site: link. Even though the hash generated for the string 151201 is dc123878c3ceb4b521c7531ecaa93b53, the function keeps returning FALSE.

asked by anonymous 08.08.2017 / 22:32

2 answers

2

password_hash supports BCrypt and Argon2i (in PHP 7.2). MD5 was never meant for passwords. Also, since 1994 it could already be considered broken; nowadays it is not recommended for anything, but that is not the issue here.

For you to use password_verify, it is preferable that you use a hash that is compatible with BCrypt (or Argon2i in PHP 7.2); you can use:

  • For BCrypt:

    password_hash($senha, PASSWORD_BCRYPT);

  • For Argon2i:

    password_hash($senha, PASSWORD_ARGON2I);

/!\ Caution:

password_hash does not remove null bytes and will stop at them, so this is broken:

// Do not use the code below in production; it contains intentional errors:

$_POST['senha'] = "a\x00bc";
// Note: there is a null byte after the 'a'; a user can send this as '%00'!

$hash = password_hash($_POST['senha'], PASSWORD_BCRYPT);

if(strlen($_POST['senha']) >= 3 && strlen($_POST['senha']) < 70){
    if( password_verify('a', $hash)){
        echo 'Igual';
    }
}

Try this.

Result: Igual, yes, a equals a\x00bc. >:D

If you do not want to use BCrypt / Argon2i, not everything is lost; you can use PBKDF2, for example:

$senha = '12345678';
$salt = random_bytes(16);
$iteracoes = 150000;

$hash = hash_pbkdf2('sha3-512', $senha, $salt, $iteracoes);

To check, just do hash_equals($senha, $hash). Never do $senha === $hash, let alone $senha == $hash, obviously. It is not considered better than BCrypt and not much better than Argon2i; some say it is the "worst of the recommended methods", to be used "when there is nothing better".

09.08.2017 / 02:24
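As an added example (not code from either answer, and the function names are my own), the following PHP shows why the raw MD5 string from the question fails password_verify, rejects NUL bytes before calling password_hash so the truncation shown above cannot occur, and stores a PBKDF2 hash together with its salt and iteration count so it can be verified by recomputing it and comparing with hash_equals():

```php
<?php
// Added example (not code from either answer above). Shows:
//  1) why a raw MD5 string is never accepted by password_verify,
//  2) rejecting NUL bytes before hashing with bcrypt,
//  3) a PBKDF2 store/verify pair that keeps salt and iteration count
//     with the hash and compares with hash_equals().

function hashPasswordBcrypt(string $senha): string {
    // bcrypt (via crypt) stops at the first NUL byte, so "a\x00bc" would
    // verify as "a". Refuse such input instead of silently truncating it.
    if (strpos($senha, "\x00") !== false) {
        throw new InvalidArgumentException('password contains a NUL byte');
    }
    if (strlen($senha) > 72) { // bcrypt also ignores bytes beyond 72
        throw new InvalidArgumentException('password longer than 72 bytes');
    }
    return password_hash($senha, PASSWORD_BCRYPT, ['cost' => 12]);
}

// PBKDF2: keep algorithm, iterations, salt and hash in one string so the
// verifier can repeat exactly the same derivation later.
function hashPasswordPbkdf2(string $senha, int $iteracoes = 150000): string {
    $salt = random_bytes(16);
    $hash = hash_pbkdf2('sha3-512', $senha, $salt, $iteracoes, 0, true);
    return 'pbkdf2-sha3-512$' . $iteracoes . '$'
        . base64_encode($salt) . '$' . base64_encode($hash);
}

function verifyPasswordPbkdf2(string $senha, string $stored): bool {
    $parts = explode('$', $stored);
    if (count($parts) !== 4 || $parts[0] !== 'pbkdf2-sha3-512') {
        return false;
    }
    [, $iteracoes, $salt, $hash] = $parts;
    $salt = base64_decode($salt, true);
    $hash = base64_decode($hash, true);
    if ($salt === false || $hash === false) {
        return false;
    }
    $recomputed = hash_pbkdf2('sha3-512', $senha, $salt, (int) $iteracoes, 0, true);
    // Compare the stored hash with the recomputed hash, never the password with the hash.
    return hash_equals($hash, $recomputed);
}

// Constructed demonstration values (the hash string is the MD5 from the question).
var_dump(password_verify('151201', 'dc123878c3ceb4b521c7531ecaa93b53')); // no crypt-format prefix, so it fails
var_dump(password_verify('151201', hashPasswordBcrypt('151201')));
$stored = hashPasswordPbkdf2('151201');
var_dump(verifyPasswordPbkdf2('151201', $stored), verifyPasswordPbkdf2('151202', $stored));
```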
2

The hash used by the password_verify function is not just the MD5 of the password. In fact, the function is compatible with the crypt function, i.e. the hash to be used should be this:

define("SALT", uniqid()); // Example!

$senha = "151201";

$hash = crypt($senha, SALT);

if (password_verify($senha, $hash)) {
    $teste = "Senha correta";
    echo $teste;
} else {
    $teste = "Senha incorreta";
    echo $teste;
}

See it working on Ideone.

Or you can use the password_hash function to generate the hash :

$senha = "151201";

$hash = password_hash($senha, PASSWORD_DEFAULT);

if (password_verify($senha, $hash)) {
    $teste = "Senha correta";
    echo $teste;
} else {
    $teste = "Senha incorreta";
    echo $teste;
}

See it working on Ideone.

08.08.2017 / 22:51