wp_hash_password_algorithm – Hook | Developer.WordPress.org

apply_filters( ‘wp_hash_password_algorithm’, string $algorithm )

Filters the hashing algorithm to use in the password_hash() and password_needs_rehash() functions.

Description

The default is the value of the PASSWORD_BCRYPT constant which means bcrypt is used.

Important: The only password hashing algorithm that is guaranteed to be available across PHP installations is bcrypt. If you use any other algorithm you must make sure that it is available on the server. The password_algos() function can be used to check which hashing algorithms are available.

The hashing options can be controlled via the ‘wp_hash_password_options’ filter.

Other available constants include:

PASSWORD_ARGON2I
PASSWORD_ARGON2ID
PASSWORD_DEFAULT

Parameters

$algorithmstring: The hashing algorithm. Default is the value of the PASSWORD_BCRYPT constant.

Source

$algorithm = apply_filters( 'wp_hash_password_algorithm', PASSWORD_BCRYPT );

View all references View on Trac View on GitHub

Used by	Description
wp_password_needs_rehash()`wp-includes/pluggable.php`	Checks whether a password hash needs to be rehashed.
wp_hash_password()`wp-includes/pluggable.php`	Creates a hash of a plain text password.

Changelog

Version	Description
6.8.0	Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.