Hacker News new | comments | show | ask | jobs | submit login

If you are using PHP then do this:

    $salt = '$2a$08$' . $random_data;
    $hash = crypt($password, $salt);
$random_data is 22 random letters from A-Za-z0-9.= (16.5 bytes)

(08 is the cost factor - you can change it, but 8 seemed reasonable in my tests.)

If you google bcrypt and php you'll find a very complex and large class for doing this. It's no longer necessary - current versions of PHP have it built in.

Marco Arment (marco.org) has written a nice wrapper for it.


Applications are open for YC Winter 2018

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact