SO. I want to use BCrypt for my user authentication form. I can register

Question

0

Editorial Team

Asked: June 17, 20262026-06-17T12:34:35+00:00 2026-06-17T12:34:35+00:00

SO. I want to use BCrypt for my user authentication form. I can register

0

SO.

I want to use BCrypt for my user authentication form.
I can register a user using the code

<?php
$salt = '$2a$07$R.gJb2U2N.FmZ4hPp1y2CN$';
crypt("secretpassword", $salt);
?>

Here instead of using a constant salt. I want to generate random salts using

// Posted Code from http://pastebin.com/wLxDEhD7.
$Allowed_Chars =
'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./';
$Chars_Len = 63;
$salt = "";
for($i=0;$i<45 ;$i++)
{
    $salt .= $Allowed_Chars[mt_rand(0,$Chars_Len)];
}

And store it into the database. Until this I am clear(I Hope :D)
Next what I need is to check the password when the user logs in.
For that I need the user’s input data, the salt used for that user.

crypt("secretpassword", $salt);

I can get the user input, but how will I know the salt that has been used?
I am not clear on this.

Codes have been copied from phpmaster.com and http://pastebin.com/wLxDEhD7 (from a question asked on SO, I am unable to find the question again)
This is being used purely for educational purposes.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-17T12:34:35+00:00

Editorial Team

2026-06-17T12:34:35+00:00Added an answer on June 17, 2026 at 12:34 pm

The salt is stored within the hash generated by BCrypt. So just doing this will work:

$passwordIsOk = crypt($password, $hash) === $hash;

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

SO. I want to use BCrypt for my user authentication form. I can register

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply