wp_hash_password() WordPress Function

The wp_hash_password() function is used to hash a password for use in the WordPress database. It takes an input of a password string and outputs a hash of that password.

wp_hash_password( string $password ) #

Create a hash (encrypt) of a plain text password.


Description

For integration with other applications, this function can be overwritten to instead use the other package password checking algorithm.


Top ↑

Parameters

$password

(string)(Required)Plain text user password to hash


Top ↑

Return

(string) The hash string of the password


Top ↑

More Information

This function can be replaced via plugins. If plugins do not redefine these functions, then this will be used instead.

Creates a hash of a plain text password. Unless the global $wp_hasher is set, the default implementation uses PasswordHash, which adds salt to the password and hashes it with 2**8 = 256 passes of MD5. MD5 is used by default because it’s supported on all platforms. You can configure PasswordHash to use Blowfish or extended DES (if available) instead of MD5 with the $portable_hashes constructor argument or property (see examples).


Top ↑

Source

File: wp-includes/pluggable.php

	function wp_hash_password( $password ) {
		global $wp_hasher;

		if ( empty( $wp_hasher ) ) {
			require_once ABSPATH . WPINC . '/class-phpass.php';
			// By default, use the portable hash from phpass.
			$wp_hasher = new PasswordHash( 8, true );
		}

		return $wp_hasher->HashPassword( trim( $password ) );
	}


Top ↑

Changelog

Changelog
VersionDescription
2.5.0Introduced.

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by theĀ Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.

Show More