SHA 512 hashing and verifying

php hash sha512
Tomislav Tomi Nikolic picture Tomislav Tomi Nikolic · Jan 13, 2017 · Viewed 15.3k times · Source

Alright so Im trying to verify password with SHA 512, but no matter what it still returns false like the hash check is not correct.

Generating hash when registering

$hashed = password_hash(hash('sha512', $password), PASSWORD_DEFAULT);

And to verify (upon login) I use simple 

public function isValidLogin($username, $password) {
    $sql = $this->connect();
    $sql->real_escape_string($username);
    $sql->real_escape_string($password);

    $res = $sql->query("SELECT password FROM users WHERE name='".$username."'");

    if ($res->num_rows >= 1) {
        while($row = $res->fetch_assoc()) {
            if (password_verify(hash('sha512', $password), $row['password'])) {
                return true;
            }
        }
    }

    return false;
}

Answer

Geordy James picture Geordy James · Jan 13, 2017

Try this code at time of registering instead of your code. 

 $hashed = hash("sha512", $password);

Related questions

How to encrypt a password that is inserted into a MySQL table?

I have some code to register that works, but I don't know how to hash the password. I want to use sha512. $con=mysqli_connect("localhost","root","","users"); // Check connection if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . …

Read More
Symfony2: How do i generate sha512 hash of a password?

I need to compare the password entered by the user if it is valid or not. How do i get the sha512 encryption. I am also using FOSUserBundle in my project.

Read More
How insecure is a salted SHA1 compared to a salted SHA512

SHA1 is completely insecure and should be replaced. This question is 8+ years old and times have changed: https://arstechnica.com/information-technology/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead/ For passwords: https://en.wikipedia.org/wiki/PBKDF2 For data: SHA3 SHA512 is more complex than SHA1, …

Read More