How to – password hashing in cakephp
November 25, 2007 at 6:44 am | Posted in cakephp | 9 CommentsTags: cakephp, password hashing, security
How do you do password hashing in cakephp ?
The answer is really simple, use the Security class provided by cakephp.
Example usage –
In your controller, do the following
$this->data['User']['password'] = Security::hash($this->data['User']['password']);
where ‘User’ is the model and ‘password’ is the attribute that is used to capture the password entered by the user.
By default, Security::hash takes the type sha1.
And if you want to validate or check the password entered by the user against the hashed password stored in db, use the hash method and perform the check.
9 Comments »
RSS feed for comments on this post. TrackBack URI
Leave a comment
Blog at WordPress.com.
Entries and comments feeds.
TechPub 
Thank’s dude!
Comment by yodi aditya— August 21, 2008 #
Don’t forget that the Auth component will automatically hash passwords.
Security::hash($password, ‘sha256’, true);
This would produce a more secure result.
Comment by obama— July 25, 2009 #
Thanks dude, I will give it a try and check if it works. But it sound logic!
Comment by Rubens Mariuzzo— November 27, 2009 #
thanks dude
Comment by mahadevaprasad— March 30, 2011 #
Thanks, good tip!
Comment by Bambam— May 25, 2011 #
Thanks…
Comment by Macs— June 4, 2011 #
i propose using a behavior for this:
http://www.dereuromark.de/2011/08/25/working-with-passwords-in-cakephp/
this way you have a unique handle for user and admin area as well as “forgotten password” feature etc
Comment by dereuromark— August 26, 2011 #
Thanks a lot …^^
Comment by Noe— September 21, 2011 #
nice logic
Comment by nishantz— November 3, 2011 #