Thanks to my last question about hashed passwords:
Function password_verify : Error comparing passwords
I'm curious how a hasheado works in PHP.
Quoting the web:
The hashing function produces a single length result Fixed , if for some reason or another, a single bit of information is modified , this will necessarily produce a different hash original.
Then the following happens:
If I apply the password_hash 100 times to a specific value, it returns 100 different results, despite this having not been modified
Or if it is.? .
However, the function
password_verifyhas the ability to compare if the value entered in a variable is equal to the hash that is possessed (saved or not in a database).
This is where I take reference to my question, if I have already hashed a data (contained in a database A) and returns true when compared with its hash
Why when exporting it to another database (B) is it no longer valid?
Are the bits that make up this data moded? .
I also note the fact of
hash collision, when two data of Different types have the same hash.
If two data can generate the same hash and collide (because they will be the same in a hash string), because when exporting my data they are no longer valid, thus giving rise to nothing else that I read:
To know if the value hasheado is equal to another, the algorithm hashea both values and check if the generated chains are equal.
Check the liberia passwordLib.php and it contains the following:
if (!function_exists('password_verify')){
function password_verify($password, $hash){
return (crypt($password, $hash) === $hash);
}
}
I see that you have a crypt of the password and the hash that you have, therefore if you apply the process of encrypting the password again or failing that value.
I conclude with my question:
Are these data modified (internally) when going from one database to another?