Question

wp_hash_password( string $password )

Create a hash (encrypt) of a plain text password.

---

description

For integration with other applications, this function can be overwritten to instead use the other package password checking algorithm.

---

参数

$password

(string) (Required) Plain text user password to hash

---

返回值

(string) The hash string of the password

---

源代码

File: wp-includes/pluggable.php

function wp_hash_password($password) {
	global $wp_hasher;

	if ( empty($wp_hasher) ) {
		require_once( ABSPATH . WPINC . '/class-phpass.php');
		// By default, use the portable hash from phpass
		$wp_hasher = new PasswordHash(8, true);
	}

	return $wp_hasher->HashPassword( trim( $password ) );
}

---

更新日志

Version	description
2.5.0	Introduced.

---

相关函数

Used By

• wp-includes/pluggable.php: wp_set_password()
• wp-includes/pluggable.php: wp_check_password()
• wp-includes/user.php: wp_update_user()
• wp-includes/user.php: wp_insert_user()

---

User Contributed Notes

1. Skip to note content You must log in to vote on the helpfulness of this noteVote results for this note: 0You must log in to vote on the helpfulness of this note Contributed by Codex

   Compare an already hashed password with its plain-text string:

   
   <?php
   $wp_hasher = new PasswordHash(8, TRUE);
   
   $password_hashed = '$P$B55D6LjfHDkINU5wF.v2BuuzO0/XPk/';
   $plain_password = 'test';
   
   if($wp_hasher->CheckPassword($plain_password, $password_hashed)) {
       echo "YES, Matched";
   } else {
       echo "No, Wrong Password";
   }
   ?>
   
   

Use Blowfish or extended DES (if available) instead of MD5 to hash the password with 16 rounds of hashing:

$wp_hasher = new PasswordHash(16, FALSE);
$hashedPassword = wp_hash_password($password);