Hasing User Passwords

  • Working on a custom login page. I need to know how to hash the submitted password via the login form to match the password in the database.

    $user_password = wp_hash_password( $_POST['user_password'] );

echo $user_password

    This doesn’t work. The output string for $user_password varies every time the form is submitted.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator bcworkz

    (@bcworkz)

    You cannot get an identical hash because the hash generation includes a random salt. I don’t fully understand the cryptography involved, but when you use wp_check_password(), it knows how to verify if the submitted plaintext correlates to the stored hash. It is much more than a simple string comparison of the old & new hashes.

    Is it necessary to have your signon process completely skip the normal wp_signon() process? As long as your log-in function is running within WordPress somewhere, you should be able to simply use wp_signon(), and pass the user login and password to the function.

    wp_signon()

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Hasing User Passwords’ is closed to new replies.