wp_hash_password( string $password )
Create a hash (encrypt) of a plain text password.
Description
For integration with other applications, this function can be overwritten to instead use the other package password checking algorithm.
Parameters
- $password
-
(string) (Required) Plain text user password to hash
Return
(string) The hash string of the password
Source
File: wp-includes/pluggable.php
function wp_hash_password( $password ) {
global $wp_hasher;
if ( empty( $wp_hasher ) ) {
require_once( ABSPATH . WPINC . '/class-phpass.php' );
// By default, use the portable hash from phpass
$wp_hasher = new PasswordHash( 8, true );
}
return $wp_hasher->HashPassword( trim( $password ) );
}
Changelog
| Version | Description |
|---|---|
| 2.5.0 | Introduced. |
Compare an already hashed password with its plain-text string:
<?php $wp_hasher = new PasswordHash(8, TRUE); $password_hashed = '$P$B55D6LjfHDkINU5wF.v2BuuzO0/XPk/'; $plain_password = 'test'; if($wp_hasher->CheckPassword($plain_password, $password_hashed)) { echo "YES, Matched"; } else { echo "No, Wrong Password"; } ?>Expand full source codeCollapse full source code
Use Blowfish or extended DES (if available) instead of MD5 to hash the password with 16 rounds of hashing: