0
0
PHPprogramming~5 mins

Password hashing with password_hash in PHP - Cheat Sheet & Quick Revision

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Recall & Review
beginner
What is the purpose of the password_hash function in PHP?
The password_hash function creates a secure hash of a password. It helps protect passwords by converting them into a form that is hard to reverse or guess.
Click to reveal answer
beginner
Which algorithm does password_hash use by default?
By default, password_hash uses the BCRYPT algorithm, which is strong and includes a salt automatically.
Click to reveal answer
intermediate
Why is it important that password_hash automatically adds a salt?
Adding a salt means a unique random value is mixed into the password before hashing. This stops attackers from using pre-made tables to guess passwords and makes each hash unique.
Click to reveal answer
beginner
How do you verify a password against a hash created by password_hash?
Use the password_verify function. It takes the plain password and the stored hash, then checks if they match securely.
Click to reveal answer
intermediate
What is the benefit of using password_hash over simple hashing functions like md5 or sha1?
Simple hashes like md5 or sha1 are fast and lack salts, making them vulnerable to attacks. password_hash is slower and adds salts, making password storage much safer.
Click to reveal answer
What does the password_hash function return?
AA boolean true or false
BThe original password
CA hashed string of the password
DAn encrypted password file
Which PHP function should you use to check if a password matches a hash?
Apassword_verify()
Bpassword_check()
Chash_equals()
Dpassword_compare()
Why is it unsafe to use md5 for password hashing?
AIt is too slow
BIt automatically salts passwords
CIt uses too much memory
DIt is fast and unsalted, making it vulnerable to attacks
What does the salt in password hashing do?
AMakes the password longer
BAdds a unique random value to the password before hashing
CEncrypts the password
DRemoves special characters from the password
Which algorithm is used by default in password_hash?
ABCRYPT
BMD5
CSHA256
DAES
Explain how password_hash helps keep passwords safe.
Think about what makes a password hard to guess or reverse.
You got /4 concepts.
    Describe the steps to securely check a user's password using PHP functions.
    Consider how you store and then check the password.
    You got /4 concepts.