I currently do the following:
$senha = strip_tags(trim($_POST['Senha']));
$senha_segura = password_hash($senha, PASSWORD_DEFAULT);
I would like to know if this is the best way to protect the password field and if using the hash password it is necessary to use the strip_tags as well, since the password hash encrypts the data that is entering and generates a different value in the database , or the hash password already protects the sql injection database and other attacks by changing the tags and characters by a different value?
NOTE: I also use the bindvalue of the PDO:
$query->bindValue(':senha', $senha_segura, PDO::PARAM_STR);