Time Complexity: Password hashing with password_hash
O(r)
0
0
Password hashing with password_hash in PHP - Time & Space Complexity
Understanding Time Complexity
When we use password_hash in PHP, it takes some time to turn a password into a secure hash.
We want to understand how the time it takes changes as the password or settings change.
Scenario Under Consideration
Analyze the time complexity of the following code snippet.
$password = 'mysecretpassword';
$hash = password_hash($password, PASSWORD_DEFAULT);
echo $hash;
This code creates a secure hash from a password using PHP's built-in function.
Identify Repeating Operations
Identify the loops, recursion, array traversals that repeat.
- Primary operation: The hashing algorithm runs multiple internal rounds to secure the password.
- How many times: The number of rounds depends on the algorithm and its cost setting, repeating the hashing steps many times.
How Execution Grows With Input
The time to hash grows mainly with the number of rounds, not the password length.
| Input Size (Rounds) | Approx. Operations |
|---|---|
| 10 | 10 hashing steps |
| 20 | 20 hashing steps |
| 50 | 50 hashing steps |
Pattern observation: Doubling the rounds roughly doubles the time, while password length has little effect.
Final Time Complexity
Time Complexity: O(r)
This means the time grows linearly with the number of hashing rounds set in the algorithm.
Common Mistake
[X] Wrong: "Hashing time depends mostly on the password length."
[OK] Correct: The hashing time depends mainly on the number of rounds, not the password length, which is usually short and fixed.
Interview Connect
Understanding how hashing time grows helps you explain security trade-offs clearly and shows you know how to balance safety and performance.
Self-Check
"What if we increased the cost parameter in password_hash? How would the time complexity change?"