sodium_crypto_pwhash_str_needs_rehash

Determine whether or not to rehash a password

Description

bool sodium_crypto_pwhash_str_needs_rehash(string $password, int $opslimit, int $memlimit)

Determine whether or not to rehash a password, based on the current hash opslimit and memlimit.

Parameters

password

Password hash

opslimit

Configured opslimit; see sodium_crypto_pwhash_str

memlimit

Configured memlimit; see sodium_crypto_pwhash_str

Return Values

Returns true if the provided memlimit/opslimit do not match what's stored in the hash. Returns false if they match.