daggerx/password-hasher
=======================

Ultra-secure password hashing and encryption library.

v3.0.0 (1y ago) · MIT · PHP >=8.0

Since Mar 21 · Pushed 1y ago · 1 watcher

[Source](https://github.com/thedaggerx/DaggerX) · [Packagist](https://packagist.org/packages/daggerx/password-hasher)

🔥 **DaggerX V3** — The Fastest, Strongest, PHP Security Library 🔥
=================================================================

DaggerX is an **open-source** password hashing and encryption library designed for **unbreakable security**. It ensures that even the platform owner **cannot decrypt data** without the correct secret key. With V3, DaggerX is now the **fastest, strongest** security library for PHP developers, offering key rotation, dual encryption modes, and optimized performance without compromising security.

---

🚀 **What's New and Added in V3**
--------------------------------

✅ **Key Rotation Support** —

- Seamlessly rotate your developer key (`$devKey`) for both password hashes and encrypted messages.
- Protect against long-term key compromise with `rotateHashKey()` and `rotateEncryptionKey()`.

✅ **Dual Encryption Modes** —

- **AES-256-GCM**: Authenticated encryption with Additional Authenticated Data (AAD) support.
- **AES-256-CBC**: Confidentiality with HMAC (SHA3-512) for integrity, for compatibility with legacy systems.

✅ **Optimized for Speed** —

- Reduced Argon2id defaults: **Memory Cost** to **64 MB** (from 128 MB), **Time Cost** to **3 iterations** (from 5).
- Still exceeds OWASP security recommendations while being faster for real-world use.

✅ **Enhanced Security** —

- Deterministic key derivation with **SHA3-512** for both hashing and encryption.
- HMAC (SHA3-512) for AES-256-CBC ensures integrity.

✅ **Session-Based Entropy (New)** —

- New function `setSessionUsage()` for incorporating session IDs or random bytes for better entropy.
- Toggle session usage based on environment (CLI or Web).

✅ **Argon2id Customization (New)** —

- Added support for customizing Argon2id parameters such as `memory_cost`, `time_cost`, and `threads`.
- Optimize for your hardware and security needs.

✅ **Key Derivation Separation (New)** —

- Separate key derivation logic for hashing and encryption.
- Improves maintainability and modularity.

✅ **Feared by Attackers** —

- Combines Argon2id, AES-256, and SHA3-512 with key rotation to create an impenetrable security layer.
- A library that attackers will dread facing.

---

**Installation** (For PHP Developers)
-------------------------------------

Install via **Composer**:

```
composer require daggerx/password-hasher
```

Include in your project:

```

```

### Hashing a Password

```

```

### Verifying a Password

```

```

### Encrypting a Message (AES-256-GCM with AAD)

```

```

### Encrypting a Message (AES-256-CBC)

```

```
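
An added example, not DaggerX's own code or API, of the encrypt-then-MAC construction this mode describes (AES-256-CBC for confidentiality, HMAC with SHA3-512 for integrity), written against PHP's `openssl` and `hash` extensions. The function names, the two independent keys and the `iv | mac | ciphertext` layout are assumptions of the example.

```php
<?php
declare(strict_types=1);
// Added example, not DaggerX code. Names and the iv|mac|ciphertext layout are assumptions.

function cbcHmacEncrypt(string $plain, string $encKey, string $macKey): string
{
    $iv = random_bytes(16);                                   // fresh IV for every message
    $ct = openssl_encrypt($plain, 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    $mac = hash_hmac('sha3-512', $iv . $ct, $macKey, true);   // 64-byte tag over IV and ciphertext
    return base64_encode($iv . $mac . $ct);
}

function cbcHmacDecrypt(string $blob, string $encKey, string $macKey): string
{
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 16 + 64 + 16) {      // IV + tag + at least one block
        throw new RuntimeException('malformed ciphertext');
    }
    $iv  = substr($raw, 0, 16);
    $mac = substr($raw, 16, 64);
    $ct  = substr($raw, 80);
    // Check the tag first, in constant time; CBC padding is only parsed for authentic input.
    if (!hash_equals(hash_hmac('sha3-512', $iv . $ct, $macKey, true), $mac)) {
        throw new RuntimeException('integrity check failed');
    }
    $plain = openssl_decrypt($ct, 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($plain === false) {
        throw new RuntimeException('decryption failed');
    }
    return $plain;
}

// Constructed sample: independent random keys for encryption and for the MAC.
$encKey = random_bytes(32);
$macKey = random_bytes(32);
$blob   = cbcHmacEncrypt('John Doe', $encKey, $macKey);
var_dump(cbcHmacDecrypt($blob, $encKey, $macKey) === 'John Doe');
// Flip one ciphertext bit: the message is rejected before any decryption is attempted.
$raw = base64_decode($blob);
$n   = strlen($raw) - 1;
$raw[$n] = chr(ord($raw[$n]) ^ 1);
try {
    cbcHmacDecrypt(base64_encode($raw), $encKey, $macKey);
} catch (RuntimeException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```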

### Decrypting a Message

```

```

### Rotating a Hash Key

```

```

### Rotating an Encryption Key

```

```
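
An added example, not DaggerX's own code or API, covering both the AES-256-GCM with AAD section and this rotation section: it encrypts with AAD, then rotates by decrypting under the old key and re-encrypting under the new one. This is one general way to rotate, not necessarily how `rotateEncryptionKey()` works; the function names, the `nonce | tag | ciphertext` layout and the sample AAD string are assumptions.

```php
<?php
declare(strict_types=1);
// Added example, not DaggerX code. Names and the nonce|tag|ciphertext layout are assumptions.
function gcmEncrypt(string $plain, string $key, string $aad): string
{
    $nonce = random_bytes(12);                    // 96-bit nonce, never reused under one key
    $ct = openssl_encrypt($plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $nonce, $tag, $aad, 16);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($nonce . $tag . $ct);
}

function gcmDecrypt(string $blob, string $key, string $aad): string
{
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 28) {    // 12-byte nonce + 16-byte tag
        throw new RuntimeException('malformed ciphertext');
    }
    $plain = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key, OPENSSL_RAW_DATA,
        substr($raw, 0, 12), substr($raw, 12, 16), $aad);
    if ($plain === false) {                       // wrong key, wrong AAD, or modified data
        throw new RuntimeException('authentication failed');
    }
    return $plain;
}

// Rotation: decrypt under the old key, re-encrypt under the new one with a fresh nonce.
function rotateKey(string $blob, string $oldKey, string $newKey, string $aad): string
{
    return gcmEncrypt(gcmDecrypt($blob, $oldKey, $aad), $newKey, $aad);
}

// Constructed sample: the AAD ties the ciphertext to one row and column.
$old = random_bytes(32);
$new = random_bytes(32);
$aad = 'users:42:name';
$rotated = rotateKey(gcmEncrypt('John Doe', $old, $aad), $old, $new, $aad);
var_dump(gcmDecrypt($rotated, $new, $aad) === 'John Doe');
try {
    gcmDecrypt($rotated, $new, 'users:43:name');  // same ciphertext presented for another row
} catch (RuntimeException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```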

### Customizing Argon2id Parameters for Performance

```

```
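
An added example using PHP's built-in `password_hash` API rather than DaggerX's own functions: it hashes with the 64 MB / 3-iteration settings named in this README, upgrades a hash made with the earlier 128 MB / 5-iteration settings at login, and times both so the parameters can be tuned per host. The helper names and the `threads` value of 1 are assumptions, and a PHP build with Argon2id support is required.

```php
<?php
declare(strict_types=1);
// Added example, not DaggerX code. memory_cost is given in KiB, so 65536 is 64 MB.
// threads = 1 is an assumption that works with both libargon2 and libsodium back ends.
const ARGON_V3 = ['memory_cost' => 65536,  'time_cost' => 3, 'threads' => 1];
const ARGON_V2 = ['memory_cost' => 131072, 'time_cost' => 5, 'threads' => 1];

function hashWith(string $password, array $opts): string
{
    return password_hash($password, PASSWORD_ARGON2ID, $opts);
}

// Verify a login and, when the stored hash was made with other parameters,
// return a replacement hash so the caller can update the stored row.
function verifyAndUpgrade(string $password, string $stored, array $current): array
{
    if (!password_verify($password, $stored)) {
        return [false, null];
    }
    $rehash = password_needs_rehash($stored, PASSWORD_ARGON2ID, $current)
        ? hashWith($password, $current)
        : null;
    return [true, $rehash];
}

// Time a single hash, in milliseconds, to size the parameters for the deployment hardware.
function timeHash(array $opts): float
{
    $start = hrtime(true);
    hashWith('benchmark-password', $opts);
    return (hrtime(true) - $start) / 1e6;
}

// Constructed sample: a hash created under the older settings is upgraded at login.
$stored = hashWith('correct horse', ARGON_V2);
[$ok, $upgraded] = verifyAndUpgrade('correct horse', $stored, ARGON_V3);
var_dump($ok, $upgraded !== null, password_get_info($upgraded)['options']);
printf("128 MB / 5: %.0f ms, 64 MB / 3: %.0f ms\n", timeHash(ARGON_V2), timeHash(ARGON_V3));
```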

---

Example: Login and Registration System
--------------------------------------

DaggerX v3.0.0 can be used to create a secure login and registration system where:

- Passwords are hashed using `hashPassword` and verified with `verifyPassword`.
- Sensitive data (e.g., the user's name) is encrypted with `encryptMessage` during registration and decrypted with `decryptMessage` during login.

Database Schema
---------------

Create a `users` table to store user data:

```sql
CREATE TABLE users (
    id INT AUTO_INCREMENT PRIMARY KEY,
    name VARCHAR(512) NOT NULL,  -- Stores encrypted name
    email VARCHAR(255) NOT NULL UNIQUE,
    password VARCHAR(1024) NOT NULL,  -- Stores hashed password
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
```

Important Notes on Column Lengths:
----------------------------------

The `password` column should be at least `VARCHAR(1024)` to accommodate the full base64-encoded hash (typically ~350-400 characters). A shorter length (e.g., `VARCHAR(255)`) will truncate the hash, causing `verifyPassword` to fail.

The `name` column should be at least `VARCHAR(512)` to store the base64-encoded encrypted name, which can be longer than the plaintext name (e.g., ~160 characters for a short name like "John Doe").

Registration Example (register.php)
-----------------------------------

```
