Laravel – Hashing





Hashing is important for secure our password. It converts the string of characters into fixed value that denotes the original string. In Laravel, provides the Hash facade, Which is provides the secure Bcrypt and Argon2 for storing passwords.


This is below example , How to save hashing password throuh Hash Facades :


userpasswordController is controller name :

Note ( It will be created by commnad line : php artisan make:controller userpasswordController )



namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use App\Http\Controllers\Controller

class userpasswordController extends Controller{
      * Updating the password for the user.
      * @param Request $request
      * @return Response
   public function update(Request $request){
      // Validate the new password length...
         'password' => Hash::make($request->userPassword) // Hashing passwords



As we have seen the above methods make(). It is used for store the secure password , using the bcrypt hashing algorithm, It very famous in Laravel framework.


Adjusting The Bcrypt Work Factor :

When we use Bcrypt algorithm ,the make method allows us to manage the algorithm using rounds option



$hashed = Hash::make('password', [
    'rounds' => 12


Adjusting The Argon2 Work Factor :

When we use Argon2 algorithm ,the make method allows us to manage the algorithm using memory, time, and threads options.


$hashed = Hash::make('password', [
    'memory' => 1024,
    'time' => 2,
    'threads' => 2,


Verification of Password against Hash :


This is also great features in Laravel , You can can verify the hashed password against the original string by check method.


This is below code , How we check hash password :

if (Hash::check('plain-text', $hashedPassword)) {
   // match password...

Checking If A Password Needs To Be Rehashed :

The needsRehash method allows us to determine if the work factor used by the hasher has changed since the password was hashed:


if (Hash::needsRehash($hashed)) {
    $hashed = Hash::make('plain-text');


Note : check() methods compare the given plain string with the hashed password , If it is matched then it returns the true.


Leave a Reply

Your email address will not be published. Required fields are marked *