Choosing a Good Password
Choosing a Good Password
Your password is what tells the computer that you are who you
say you are. Until we can do retina scans like in James Bond movies,
the password is the best that we can do. But, because your password is
like a key to your account, you need to safeguard it. Anyone who has
your password can get into your account, and your files. Anyone who
can guess your password has it. Anyone who has your password can pose
as you. Therefore, you may be held responsible for someone else's
actions, if they are able to get your password. You may not wish this
to happen.
Tips on safeguarding your password
First and foremost, NEVER give your password to anyone.
``Anyone'' means your coworkers, your spouse, your systems
administrator.
In the event of an emergency, the sysadmin can change
your password.
Your sytems administrator never has a need to know
your personal password. If someone needs to get onto our machines, and
has a reason to be here, do not give them access to your
account. Speak to the systems staff about us setting up an account for
We would be very happy to give them one.
Make your password something you can remember.
Do not write it down. If you really, honestly forget your
password, we can easily give you a new one. We'd rather set your
password once a month because you forgot it than have someone find it
written down and gain unauthorized access to your account.
Make your password difficult for others to guess.
This is not as hard as it initially seems. See the section
below on chosing a good password.
DO NOT Change your password because of mail from someone
claiming to be your systems administrator, supposedly needing access
to your files!!
This is a popular scam in some circles.
Remember, your
systems administrator never needs your password for any reason.
someone needs to ask you to change your password so that they can gain
entry to your account, they do not have reason to be there.
We run sophisticated password crackers on the password
files of our machines. If we guess your password, you will have to
come see a staffer to have it changed. These are the same crackers that
the bad guys have access to, so if you have a weak password, it's better
if we find out about it first.
How Not to Choose a Password
Here are some of the types of passwords that will be picked
up by our crackers:
Words in the dictionary.
Words in any dictionary.
Your user name.
Your real name.
Your spouse's name.
Anyone's name (crackers don't necessarily know that your aunt's
middle name is Agnes, but it's easy enough to get a list of 100,000
names and try each one).
Any word in any ``cracking dictionary.'' There are lists of words
that crackers use to try to crack passwords: passwords that
a lot of people use. Some of these lists include:
Abbreviations,
Asteroids,
Character Patterns, Machine names,
famous names,
female names,
male names,
Myths-legends,
Number Patterns, Short Phrases,
Science Fiction, Shakespeare,
Any of the above, with a single character before or after it
(``8dinner'', ``happy1'').
Any of the above, capitalized (``cat'' --& ``Cat'')
Any of the above, reversed (``cat'' --& ``tac''), doubled
(``cat'' --& ``catcat'') or mirrored (``cat'' --&
``cattac'').
We used to tell people that taking a word and substituting some
characters (a 0 (zero) for an o, or a 1 for an l) made a good
password. This is no longer the case. New crackers have the capability
to crack things like this, in certain situations.
Words like ``foobar'', ``xyzzy'' and ``qwerty'' are still just
plain words. They are also popular passwords, and the crack programs
look for them. Avoid them.
Any of the sample passwords, good or bad, mentioned in this
How to Choose a Good Password
I know that coming up with a good password can be difficult,
so here are some guidelines to use.
Choose a password that is at least six characters long. This
should be long enough to discourage a brute-force attack. Currently,
the maximum password length on many Unix systems is eight characters,
but if you want to add a few more characters to make it easier to
remember, go ahead. Just bear in mind that anything after the eighth
character will be ignored (so ``abnormalbrain'' is the same as
``abnormal'').
In general, a good password will have a mix of lower- and
upper-case characters, numbers, and punctuation marks, and should be
at least 6 characters long. Unfortunately, passwords like this are
often hard to remember and result in people writing them down. Do not
write your passwords down!
The license plate rule: take a phrase and try to squeeze
it into eight characters, as if you wanted to put it on a vanity
license plate.
Some people like to pick several small words, separated by
punctuation marks of some kind.
Put a punctuation mark in the middle of a word, e.g.,
``vege%tarian''.
Use some unusual way of contracting a word. You don't have to use
an apostrophe.
One of my favorite passwords was ``kEp*-h&y'':
``kEp'' --& ``keep'', ``*-'' --& ``laser'' (like those signs that
you see outside of physics labs), and ``h&y'' --& ``handy'';
``Keep your laser handy!''
You can use control characters. Just bear in mind that a lot of
them have special meanings. If you use ^D, ^H or ^U, for example, you
might not be able to log in again.
Think of an uncommon phrase, and take the first, second or last
letter of each word. ``You can't always get what you want'' would
yield ``ycagwyw''. Throw in a capital letter and a puntuation mark or
a number or two, and you can end up with ``yCag5wyw''.
Deliberately misspelling one or more words can make your password
harder to crack.
Use several of the techniques above.
Something that no one but you would ever think of. The best
password is one that is totally random to anyone else except you.
is difficult to tell you how to come up with these, but people are
able to do it. Use your imagination!
Last updated: June 1999 Thursday, 03-Oct-:42 EDT
Authors: Joe Sanjour,
Andrew Arensburger,
Anne Brink.Keyboard Shortcuts?
Next menu item
Previous menu item
Previous man page
Next man page
Scroll to bottom
Scroll to top
Goto homepage
Goto search(current page)
Focus search box
Change language:
Brazilian Portuguese
Chinese (Simplified)
password_hash
password_hash & Creates a password hash
Description
string password_hash
( string $password
, integer $algo
[, array $options
The following algorithms are currently supported:
PASSWORD_DEFAULT - Use the bcrypt algorithm (default as of PHP 5.5.0).
Note that this constant is designed to change over time as new and stronger algorithms are added
to PHP. For that reason, the length of the result from using this identifier can change over
time. Therefore, it is recommended to store the result in a database column that can expand
beyond 60 characters (255 characters would be a good choice).
PASSWORD_BCRYPT - Use the CRYPT_BLOWFISH algorithm to
create the hash. This will produce a standard
compatible hash using
the &$2y$& identifier. The result will always be a 60 character string,
or FALSE on failure.
Supported Options:
salt - to manually provide a salt to use when hashing the password.
Note that this will override and prevent a salt from being automatically generated.
If omitted, a random salt will be generated by password_hash() for
each password hashed. This is the intended mode of operation.
The salt option has been deprecated as of PHP 7.0.0. It is now
preferred to simply use the salt that is generated by default.
cost - which denotes the algorithmic cost that should be used.
Examples of these values can be found on the
If omitted, a default value of 10 will be used. This is a good
baseline cost, but you may want to consider increasing it depending on your hardware.
Parameters
The user's password.
Using the PASSWORD_BCRYPT as the
algorithm, will result
in the password parameter being truncated to a
maximum length of 72 characters.
denoting the algorithm to use when hashing the password.
An associative array containing options. See the
for documentation on the supported options for each algorithm.
If omitted, a random salt will be created and the default cost will be
Return Values
Returns the hashed password,
or FALSE on failure.
The used algorithm, cost and salt are returned as part of the hash. Therefore,
all information that's needed to verify the hash is included in it. This allows
function to verify the hash without
needing separate storage for the salt or algorithm information.
Example #1 password_hash() example
&?php/**&*&We&just&want&to&hash&our&password&using&the&current&DEFAULT&algorithm.&*&This&is&presently&BCRYPT,&and&will&produce&a&60&character&result.&*&*&Beware&that&DEFAULT&may&change&over&time,&so&you&would&want&to&prepare&*&By&allowing&your&storage&to&expand&past&60&characters&(255&would&be&good)&*/echo&password_hash("rasmuslerdorf",&PASSWORD_DEFAULT)."\n";?&
The above example will output
something similar to:
$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a
Example #2 password_hash() example setting cost manually
&?php/**&*&In&this&case,&we&want&to&increase&the&default&cost&for&BCRYPT&to&12.&*&Note&that&we&also&switched&to&BCRYPT,&which&will&always&be&60&characters.&*/$options&=&[&&&&'cost'&=&&12,];echo&password_hash("rasmuslerdorf",&PASSWORD_BCRYPT,&$options)."\n";?&
The above example will output
something similar to:
$2y$12$QjSH496pcT5CEbzjD/vtVeH03tfHKFy36d4J0Ltp3lRtee9HDxY3K
Example #3 password_hash() example setting salt manually
&?php/**&*&Note&that&the&salt&here&is&randomly&generated.&*&Never&use&a&static&salt&or&one&that&is&not&randomly&generated.&*&*&For&the&VAST&majority&of&use-cases,&let&password_hash&generate&the&salt&randomly&for&you&*/$options&=&[&&&&'cost'&=&&11,&&&&'salt'&=&&mcrypt_create_iv(22,&MCRYPT_DEV_URANDOM),];echo&password_hash("rasmuslerdorf",&PASSWORD_BCRYPT,&$options)."\n";?&
The above example will output
something similar to:
$2y$11$q5MkhSBtlsJcNEVsYh64a.aCluzHnGog7TQAKVmQwO9C8xb.t89F.
Example #4 password_hash() example finding a good cost
&?php/**&*&This&code&will&benchmark&your&server&to&determine&how&high&of&a&cost&you&can&*&afford.&You&want&to&set&the&highest&cost&that&you&can&without&slowing&down&*&you&server&too&much.&8-10&is&a&good&baseline,&and&more&is&good&if&your&servers&*&are&fast&enough.&The&code&below&aims&for&≤&50&milliseconds&stretching&time,&*&which&is&a&good&baseline&for&systems&handling&interactive&logins.&*/$timeTarget&=&0.05;&//&50&milliseconds&$cost&=&8;do&{&&&&$cost++;&&&&$start&=&microtime(true);&&&&password_hash("test",&PASSWORD_BCRYPT,&["cost"&=&&$cost]);&&&&$end&=&microtime(true);}&while&(($end&-&$start)&&&$timeTarget);echo&"Appropriate&Cost&Found:&"&.&$cost&.&"\n";?&
The above example will output
something similar to:
Appropriate Cost Found: 10
It is strongly recommended that you do not generate your own salt for this
It will create a secure salt automatically for you if you do
not specify one.
As noted above, providing the salt option in PHP 7.0
will generate a deprecation warning. Support for providing a salt manually
may be removed in a future PHP release.
It is recommended that you test this function on your servers, and adjust the cost parameter
so that execution of the function takes less than 100 milliseconds on interactive systems.
The script in the above example will help you choose a good cost value for your hardware.
Updates to supported algorithms by this function (or changes to the default one) must follow
the following rules:
Any new algorithm must be in core for at least 1 full release of PHP
prior to becoming default. So if, for example, a new algorithm is added
in 7.5.5, it would not be eligible for default until 7.7 (since 7.6
would be the first full release). But if a different algorithm was added
in 7.6.0, it would also be eligible for default at 7.7.0.
The default should only change in a full release (7.3.0, 8.0.0, etc)
and not in a revision release.
The only exception to this is in an
emergency when a critical security flaw is found in the current
- Verifies that a password matches a hash
- One-way string hashing
There is a compatibility pack available for PHP versions 5.3.7 and later, so you don't have to wait on version 5.5 for using this function. It comes in form of a single php file:
I agree with martinstoeckli,don't create your own salts unless you really know what you're doing.By default, it'll use /dev/urandom to create the salt, which is based on noise from device drivers.And on Windows, it uses CryptGenRandom().Both have been around for many years, and are considered secure for cryptography (the former probably more than the latter, though).Don't try to outsmart these defaults by creating something less secure. Anything that is based on rand(), mt_rand(), uniqid(), or variations of these is *not* good.
You can produce the same hash in php 5.3.7+ with crypt() function:&?php$salt = mcrypt_create_iv(22, MCRYPT_DEV_URANDOM);$salt = base64_encode($salt);$salt = str_replace('+', '.', $salt);$hash = crypt('rasmuslerdorf', '$2y$10$'.$salt.'$');echo $hash;?&
Pay close attention to the maximum allowed length of the password parameter!& If you exceed the maximum length, it will be truncated without warning.If you prepend your own salt/pepper to the password, and that salt/pepper exceeds the maximum length, then this function will truncate the actual password.& That means password_verify() will return true with ANY password using the same salt/pepper.It might be a good idea to append any salt/pepper to the end of the password instead.
For passwords, you generally want the hash calculation time to be between 250 and 500 ms (maybe more for administrator accounts). Since calculation time is dependent on the capabilities of the server, using the same cost parameter on two different servers may result in vastly different execution times. Here's a quick little function that will help you determine what cost parameter you should be using for your server to make sure you are within this range (note, I am providing a salt to eliminate any latency caused by creating a pseudorandom salt, but this should not be done when hashing passwords):&?phpfunction getOptimalBcryptCostParameter($min_ms = 250) {& & for ($i = 4; $i & 31; $i++) {& & & & $options = [ 'cost' =& $i, 'salt' =& 'usesomesillystringforsalt' ];& & & & $time_start = microtime(true);& & & & password_hash("rasmuslerdorf", PASSWORD_BCRYPT, $options);& & & & $time_end = microtime(true);& & & & if (($time_end - $time_start) * 1000 & $min_ms) {& & & & & & return $i;& & & & }& & }}echo getOptimalBcryptCostParameter(); ?&
In most cases it is best to omit the salt parameter. Without this parameter, the function will generate a cryptographically safe salt, from the random source of the operating system.
The PASSWORD_BCRYPT duration evolves exponentially based on COST.Measure picture : The "constant" depends on your machine (for me is 1).Method :&table border="1"&&?php& & for( $cost = 0; $cost &= 10; $cost=$cost+0.1){& & & & $start = microtime(true);& & & & password_hash("test".$cost, PASSWORD_BCRYPT, ["cost" =& $cost]);& & & & $end = microtime(true);& & & & echo '&tr&&td&' . $cost . '&/td&&td&' . ( $end - $start ) . '&/td&&/tr&';& & }?&&/table&
Note that this function can return NULL. It does so if you provide an incorrect constant as an algorythm. I had the following:& & $password = password_hash($password1, PASSWORD_BDCRYPT, array( 'cost' =& 10 ));and i couldn't understand why i kept having NULL written in $ it was a simple fact that the constant was PASSWORD_BCRYPT.
if you thought"why is the salt included in the hash and is it save when i store it as it is in my db?"Answer i found:The salt just has to be unique. It not meant to be a secret.As mentioned in notes and docu before: let password_hash() take care of the salt.With the unique salt you force the attacker to crack the hash.The hash is unique and cannot be found at rainbow tables.
Please note that password_hash will ***truncate*** the password at the first NULL-byte.If you use anything as an input that can generate NULL bytes (sha1 with raw as true, or if NULL bytes can naturally end up in people's passwords), you may make your application much less secure than what you might be expecting.The password $a = "\"; is zero bytes long (an empty password) for bcrypt.The workaround, of course, is to make sure you don't ever pass NULL-bytes to password_hash.
Alan is entirely wrong, please ignore his comment and/or vote it down. This method encodes the algorithm and other parameters into the returned hash.Deliberately specifying the algorithm to use should only be done in a carefully considered scenario, and these functions are designed and policies have been decided to ensure wide compatibility.The risk of forcing a particular algorithm is that your code will continue to use a weaker algorithm as newer ones are implemented and strengthened.
Timings:Note: 1 and 2 for cost are invalid.3& -& 0.258ms4& -& 1.2ms5& -& 2.6ms6& -& 5.ms7& -& 10.ms8& -& 20.ms9& -& 41.ms10& -& 84.ms (default)11& -& 168.ms12& -& 334.ms13& -& 680.ms14& -& 102ms15& -& 686ms16& -& 055ms17& -& 216msFor an average site the default of 10 is probably a sane enough value.
For me it didn't work, so I asked my friend and he told me to remove ."/n"So it worked like this$password = password_hash($password, PASSWORD_DEFAULT);}