CreatePasswordHash()
Syntax
Result$ = CreatePasswordHash(Password$ [, WorkFactor])Description
Creates a hash digest of a password for storage and later verification of a password. It is not possible to recover the input password from the hash value, but passwords can be verified to see if they match the hash using VerifyPasswordHash() later.
Parameters
Password$ The password to hash. WorkFactor (optional) A parameter to influence the amount of work the hash function should require to create or verify a password hash. Larger values for this factor make it more costly to try to break a password by brute force but it will also make creating and verifying the password more costly for the application itself.
Allowed values are 4 to 31. Increasing the WorkFactor by one doubles the amount of work that the function does to create or later verify a password. The default value is 10.
Return value
Returns the hash of the password.
Remarks
The returned password hash includes a random component (a salt value) to ensure that multiple hashes created from the same input password do not create the same hash value. It is therefore not possible to compare the result from this function directly to check a password. The VerifyPasswordHash() function must be called to check a password instead.
This function implements the bcrypt password hashing algorithm.
Example
; Create a hash digest for secure storage
Hash$ = CreatePasswordHash("secret")
; Check passwords against the hash
Debug VerifyPasswordHash("secret", Hash$) ; correct
Debug VerifyPasswordHash("othersecret", Hash$) ; incorrect
See Also
VerifyPasswordHash()
Supported OS
All