WordPress.org

Forums

Hasing User Passwords (3 posts)

  1. Cory.Nickerson
    Member
    Posted 1 year ago #

    Working on a custom login page. I need to know how to hash the submitted password via the login form to match the password in the database.

    $user_password = wp_hash_password( $_POST['user_password'] );
    
    echo $user_password

    This doesn't work. The output string for $user_password varies every time the form is submitted.

  2. bcworkz
    Member
    Posted 1 year ago #

    You cannot get an identical hash because the hash generation includes a random salt. I don't fully understand the cryptography involved, but when you use wp_check_password(), it knows how to verify if the submitted plaintext correlates to the stored hash. It is much more than a simple string comparison of the old & new hashes.

  3. Joe Dolson
    Member
    Posted 1 year ago #

    Is it necessary to have your signon process completely skip the normal wp_signon() process? As long as your log-in function is running within WordPress somewhere, you should be able to simply use wp_signon(), and pass the user login and password to the function.

    wp_signon()

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.