PHPackages luisinder/blowfish-lib - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. luisinder/blowfish-lib ActiveLibrary luisinder/blowfish-lib ====================== Simple helper library for hashing and verifying passwords using Blowfish (bcrypt). 1.0.0(9mo ago)1174MITPHPPHP >=7.4CI failing Since Jan 9Pushed 9mo ago1 watchersCompare [ Source](https://github.com/luisinder/blowfish-lib)[ Packagist](https://packagist.org/packages/luisinder/blowfish-lib)[ Docs](https://github.com/luisinder/blowfish-lib)[ RSS](/packages/luisinder-blowfish-lib/feed)WikiDiscussions master Synced 2mo ago READMEChangelogDependencies (1)Versions (6)Used By (0) blowfish-lib ============ [](#blowfish-lib) Simple helper library for hashing and verifying passwords using the Blowfish (bcrypt) algorithm in PHP. โœจ Features ---------- [](#-features) - Secure password hashing via `password_hash()` (bcrypt) - Password verification helper - Configurable cost factor - Backwards-compatible method names (`crypt_blowfish`, `checkPassword`) retained ๐Ÿ“ฆ Installation -------------- [](#-installation) Via Composer (recommended): ``` composer require luisinder/blowfish-lib ``` Or clone/download and include the file manually: ``` require_once __DIR__ . '/src/blowFish.php'; ``` โœ… Requirements -------------- [](#-requirements) - PHP >= 7.4 ๐Ÿš€ Usage ------- [](#-usage) ``` require_once __DIR__ . '/vendor/autoload.php'; $bf = new BlowFish(12); // cost factor 12 $hash = $bf->hashPassword('My$ecretP@ss'); if ($bf->verifyPassword('My$ecretP@ss', $hash)) { echo "Password valid"; } else { echo "Invalid password"; } ``` ### Backwards Compatibility [](#backwards-compatibility) Older code using: ``` $bf->crypt_blowfish($password); $bf->checkPassword($plain, $hash); ``` โ€ฆwill still function, but you should migrate to: ``` $bf->hashPassword($password); $bf->verifyPassword($plain, $hash); ``` An internal `class_alias` keeps the legacy lowercase `blowFish` class name available. ### Rehashing Strategy [](#rehashing-strategy) You can detect when to upgrade stored hashes to a higher cost: ``` $bf = new BlowFish(10); $hash = $bf->hashPassword('secret'); // Later increase cost $bfStronger = new BlowFish(12); if ($bfStronger->needsRehash($hash)) { $hash = $bfStronger->hashPassword('secret'); } ``` โš™๏ธ Cost Factor Guidance ----------------------- [](#๏ธ-cost-factor-guidance) Typical values: 10โ€“14. Higher = more secure but slower. Benchmark in your environment aiming for ~100ms or less per hash for interactive logins. ๐Ÿ”’ Security Notes ---------------- [](#-security-notes) - Do NOT store plain passwords. - Always use `password_verify()` (wrapped by `verifyPassword`). - Rotate the cost upwards over time; you can rehash existing hashes with `password_needs_rehash()` externally if desired (not included to keep this helper minimal). ๐Ÿ“„ License --------- [](#-license) MIT. See [LICENSE](LICENSE). ๐Ÿงพ Changelog ----------- [](#-changelog) See [CHANGELOG.md](CHANGELOG.md) for notable changes. ๐Ÿค Contributing -------------- [](#-contributing) Issues and pull requests are welcome. Please include a clear description and if possible a test snippet to reproduce or validate the change. ๐Ÿงช Example Script ---------------- [](#-example-script) Run the included example after install: ``` composer run example ``` ๐Ÿงช Tests ------- [](#-tests) Install dev dependencies and run PHPUnit: ``` composer install composer test ``` ๐Ÿ›  Continuous Integration ------------------------ [](#-continuous-integration) GitHub Actions workflow runs the test suite on PHP 7.4โ€“8.3. See `.github/workflows/ci.yml`. Author ------ [](#author) Luis Cajigas --- Enjoy and stay secure! ### Health Score 39 โ€” LowBetter than 86% of packages Maintenance58 Moderate activity, may be stable Popularity12 Limited adoption so far Community7 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits โ€” single point of failure How is this calculated?**Maintenance (25%)** โ€” Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** โ€” Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** โ€” Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** โ€” Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~784 days Total 5 Last Release 273d ago Major Versions 0.1.5 โ†’ 1.0.02025-08-10 PHP version history (2 changes)0.1PHP >=5.4.0 1.0.0PHP >=7.4 ### Community Maintainers ![](https://www.gravatar.com/avatar/41f285cd1fc2a408b0a71a01adb00bf6bfd9925edf8e4dbe16acc73361c108fc?d=identicon)[luisinder](/maintainers/luisinder) --- Top Contributors [![lcajigasm](https://avatars.githubusercontent.com/u/6973356?v=4)](https://github.com/lcajigasm "lcajigasm (10 commits)") --- Tags blowfishpasswordhashbcrypt ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/luisinder-blowfish-lib/health.svg) ``` [![Health](https://phpackages.com/badges/luisinder-blowfish-lib/health.svg)](https://phpackages.com/packages/luisinder-blowfish-lib) ``` ### Alternatives [passwordlib/passwordlib A Password Hashing Library 377220.6k6](/packages/passwordlib-passwordlib)[bordoni/phpass Portable PHP password hashing framework 244.4M26](/packages/bordoni-phpass)[paragonie/password_lock Wraps Bcrypt-SHA2 in Authenticated Encryption 19348.7k1](/packages/paragonie-password-lock)[phpnode/yiipassword Password strategies for the Yii PHP framework. 75188.5k3](/packages/phpnode-yiipassword)[yiisoft/security Security utilities 43451.3k6](/packages/yiisoft-security)[elnur/blowfish-password-encoder-bundle Blowfish (bcrypt) based password encoder for Symfony2 61129.6k](/packages/elnur-blowfish-password-encoder-bundle) PHPackages ยฉ 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)