Php – Best way to protect your password in 2019 with PHP


I'm just wondering what is the best way to encrypt your password with PHP in 2019.
I'm using this method, but many people tell me that is an unsafe way now:

$password_protect = md5($_POST["password"]);

I did some research but I find only for 2017. So, what is the best way for that?

Thank you

Best Solution

Use password_hash().

Also check on password_verify().

PHP passwordhash()

And also check



$password = "ABCDabcd";

echo password_hash($password, PASSWORD_BCRYPT, array('cost'=>12));

The example should output something like this:


To verify: Say user input their password and you stored it in input variable;

$input = 'ABCDabcd';

$hashed_password = '$2y$12$N6FSH8yRo0YMQ4oPJHN1vOkv7GfK3OhVp22H/AjGoVLY.5Dm7ECYS';


echo 'password is valid';


echo 'Password is invalid';


This should return password is valid.