PHPackages insomnius/aurphm - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. insomnius/aurphm ActiveLibrary[Security](/categories/security) insomnius/aurphm ================ Aurelia pseudo hashing method is my experimental function to hash password with HMAC (Hash-based message authentication code), PBKDF2 (Password-Based Key Derivation Function 2) and Pseudo Random Bytes. 1.1.3(8y ago)136311MITPHP Since Jan 23Pushed 8y agoCompare [ Source](https://github.com/insomnius/Aurphm)[ Packagist](https://packagist.org/packages/insomnius/aurphm)[ RSS](/packages/insomnius-aurphm/feed)WikiDiscussions master Synced 1w ago READMEChangelog (3)Dependencies (1)Versions (4)Used By (0) About Aurphm ------------ [](#about-aurphm) Aurelia pseudo hashing method (Aurphm) is my experimental function to hash password with HMAC (Hash-based message authentication code), PBKDF2 (Password-Based Key Derivation Function 2) and Pseudo Random Bytes. The main reason to create this library is to make good hash for security reason and the hash must be: - Has a random salt every hash generation - Has a user unique hash so it will generate differently if the key and credential is different using HMAC - Has a unique signature for authentication using PBKDF2 - Has a different hash value every hash generation but still can be authenticated - We can set their prefered algorithm for each method (salt, user unique, signature) - Simple to authenticate This library is inspired by a post in **crackstation** about how to make secure hash [here](https://crackstation.net/hashing-security.htm). How to use ---------- [](#how-to-use) Here is a simple step to generate a hash: ``` use Aurphm\Aurphm; $credential = "credential"; $key = "key"; $hash = Aurphm::hash($credential, $key); echo $hash; ``` The hash result will be random every generation and the one of the result is: [![hash-result-example](https://raw.githubusercontent.com/insomnius/Aurphm/master/hash-value.png "Hash result example")](https://raw.githubusercontent.com/insomnius/Aurphm/master/hash-value.png) And there is an advanced configuration too, you can change how much iteration on PBKDF, the prefix, signature length, salt algorithm, algorithm for creating user unique hash and algorithm for signature. Here is the example code: ``` $credential = 'credential'; $key = 'key'; $length = 128; $iteration = 64; $prefix = 'GITHUB'; $saltalgo = 'SHA1'; $useruniquealgo = 'SHA256'; $signaturealgo = 'MD5'; $hash = Aurphm::init()->setIteration($iteration) // You have to use ini to called this function statically, Set the iteration of pbkdf ->setPrefix($prefix) // Set the prefix of the hash ->setSignatureLength($length) // Set signature length ->setSaltAlgo($saltalgo) // Set salt hash algorithm ->setUserUniqueAlgo($useruniquealgo) // Set user unique hash algorithm (hmac algorithm) ->setSignatureAlgo($signaturealgo) // Set signature hash algorithm (pbkdf algorithm) ->hash($credential, $key); echo $hash; ``` And here is the result look like: [![hash-result-advanced-example](https://raw.githubusercontent.com/insomnius/Aurphm/master/hash-value-advanced.png "Hash result advanced example")](https://raw.githubusercontent.com/insomnius/Aurphm/master/hash-value-advanced.png) And lastly, how about authenticate? we can do that in simple way too like this: ``` $hash_value = 'AURPHM_e61ab31BBLABLABLABLABLABLABLABLA'; $key = 'key'; $credential = 'credential'; if(Aurphm::authenticate($credential, $key, $hash_value)) { echo "Authentication success!"; } else { echo "Authentication failed."; } ``` Download -------- [](#download) You can download this package via github release or if you using composer just type this and the magic will do the work. ``` composer require insomnius/aurphm ``` Demo ---- [](#demo) You can also view the demo i made in demo folder using php development server, just type this in your command prompt or terminal (make sure you are in the root directory of this project): ``` php -S localhost:7800 -t ./demo/ ``` And then open your browser with address . That's it, have fun to use it! :) ### Health Score 32 — LowBetter than 72% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity22 Limited adoption so far Community7 Small or concentrated contributor base Maturity65 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~24 days Total 3 Last Release 2989d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/aec8477966e67ea052dd2dbf83417a6a07487fddf47db92c96549bc27a6f3015?d=identicon)[insomnius](/maintainers/insomnius) --- Top Contributors [![insomnius](https://avatars.githubusercontent.com/u/20650401?v=4)](https://github.com/insomnius "insomnius (37 commits)") --- Tags securityhashhmacpbkdf ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/insomnius-aurphm/health.svg) ``` [![Health](https://phpackages.com/badges/insomnius-aurphm/health.svg)](https://phpackages.com/packages/insomnius-aurphm) ``` ### Alternatives [ayesh/stateless-csrf Secret-key based state-less CSRF token generator and validator for PHP 8. State-less means you do not have to store the CSRF token in session or database. 3223.3k](/packages/ayesh-stateless-csrf)[pentagonal/phpass PHP password hashing library original by open wall PhPass 121.6k](/packages/pentagonal-phpass) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)