php – password_hash中的成本选项是什么
作者:互联网
在php手册中,有很多例子在password_hash中使用cost
一些例子用来计算好的成本
<?php
/**
* This code will benchmark your server to determine how high of a cost you can
* afford. You want to set the highest cost that you can without slowing down
* you server too much. 8-10 is a good baseline, and more is good if your servers
* are fast enough. The code below aims for ≤ 50 milliseconds stretching time,
* which is a good baseline for systems handling interactive logins.
*/
$timeTarget = 0.05; // 50 milliseconds
$cost = 8;
do {
$cost++;
$start = microtime(true);
password_hash("test", PASSWORD_BCRYPT, ["cost" => $cost]);
$end = microtime(true);
} while (($end - $start) < $timeTarget);
echo "Appropriate Cost Found: " . $cost . "\n";
?>
成本代表什么?
解决方法:
从wikipedia开始:
The cost parameter specifies a key expansion iteration count as a
power of two, which is an input to the crypt algorithm.
标签:php-password-hash,php 来源: https://codeday.me/bug/20190824/1703575.html