sodium_crypto_pwhash_str_verify
Verifies that a password matches a hash
Description
bool sodium_crypto_pwhash_str_verify(string $hash
, #[\SensitiveParameter]string $password
)
Parameters
-
hash
-
A hash created by password_hash.
-
password
-
The user's password.
Return Values
Returns true
if the password and hash match, or false
otherwise.
Notes
Note:
Hashes are calculated using the Argon2ID algorithm, providing resistance to both GPU and side-channel attacks.
See Also
- sodium_crypto_pwhash_str
- password_hash
- password_verify