I got this code off the PHP website. I can make this work without the Salt. But how do you verify with the salt - or does it have to be stored into a variable then you use that later? Not sure how to proceed to the next step to verify. Lots of tutorials on how to make a hash, but to verify is another thing. Thank you.
$options = [
'cost' => 11,
'salt' => mcrypt_create_iv(22, MCRYPT_DEV_URANDOM),
];
echo password_hash("rasmuslerdorf", PASSWORD_BCRYPT, $options)."
";
// See the password_hash() example to see where this came from.
$hash = '$2y$11$nJp/w0OC41I0m44T9OQKBuWUrQi63PrJuvDc68KI6oDBdnZK01kiW ';
if (password_verify('rasmuslerdorf', $hash)) {
echo 'Password is valid!';
} else {
echo 'Invalid password.';
}
