O'Reilly logo

Mastering Yii by Charles R. Portwood II

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Hashing and encryption

When dealing with user information, it's essential to be mindful of best security practices in order to ensure that user information such as passwords is stored in a way that if your database is compromised, the user's bare passwords are not exposed in plain text. As shown in Chapter 3, Migrations, DAO, and Query Building, we're using the native PHP password_hash() and password_verify() functions to encrypt and decrypt our users' passwords. While these standards are easy to use, in the development of your application, you may find it easier to take advantage of the Yii2 security component used to hash user passwords and for the encryption of sensitive data:

Yii::$app->getSecurity();

Hashing and verifying passwords

With Yii2, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required