password.inc - OpenGrok cross reference for /plugin/authdrupal8/password.inc

Lines Matching refs:password
5 * Secure password hashing functions for user authentication.
7 * Based on the Portable PHP password hashing framework.
10 * An alternative or custom version of this password hashing API may be
17 * The standard log2 number of iterations for password stretching. This should
23 // The minimum allowed log2 number of iterations for password stretching.
26 // The maximum allowed log2 number of iterations for password stretching.
29 // The expected (and maximum) number of characters in a hashed password.
81 *  password without actually having to guess one of the passwords.
123 * Hash a password using a secure stretched hash.
125 * By using a salt and repeated hashing the password is "stretched". Its
132 * @param $password
133 *  Plain-text password up to 512 bytes (128 to 512 UTF-8 characters) to hash.
139 *  A string containing the hashed password (and salt) or FALSE on failure.
142 function _password_crypt($algo, $password, $setting) {
144  if (strlen($password) > 512) {
149   if (password_verify($password, $setting)) {
173  $hash = hash($algo, $salt . $password, TRUE);
175   $hash = hash($algo, $hash . $password, TRUE);
192 * Hash a password using a secure hash.
194 * @param $password
195 *  A plain-text password.
201 *  A string containing the hashed password (and a salt), or FALSE on failure.
203 function user_hash_password($password, $count_log2 = 0) {
208  return _password_crypt('sha512', $password, _password_generate_salt($count_log2));
212 * Check whether a plain text password matches a stored hashed password.
218 * @param $password
219 *  A plain-text password
226 function user_check_password($password, $account) {
228   // This may be an updated password from user_update_7000(). Such hashes
231   $password = md5($password);
240    // A normal Drupal 7 password using sha512.
241    $hash = _password_crypt('sha512', $password, $stored_hash);
246    // A phpass password generated using md5. This is an
247    // imported password or from an earlier Drupal version.
248    $hash = _password_crypt('md5', $password, $stored_hash);
257 * Check whether a user's hashed password needs to be replaced with a new hash.
260 * password is available. A new hash is needed when the desired iteration count
262 * DRUPAL_HASH_COUNT or if the user's password hash was generated in an update
275  // Check whether this was an updated password.