Simon, > * Will the value of the constant PASSWORD_DEFAULT remain unchanged forever? > Otherwise this lib, in my opinion, can cause big problems when trying to > port an existing system to a newer PHP-version.
No. That's why it's a separate constant. As newer, stronger hashing options become available, the default is designed to change over time. I'll update the RFC to indicate such. > * Is this a native version of phpass? http://www.openwall.com/phpass/ In a sense, yes. It's designed to have a dirt-simple API (similar to yours) built in to the core. Thanks, Anthony -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
