WP_Application_Passwords::check_password() │ public static │ WP 6.8.0

Checks a plaintext application password against a hashed password.

Method of the class: WP_Application_Passwords{}

No Hooks.

Returns

true|false. Whether the password matches the hashed password.

Usage

$result = WP_Application_Passwords::check_password(;

Changelog

Since 6.8.0

Introduced.

`WP_Application_Passwords::check_password() WP Application Passwords::check password` code ^{WP 6.8.1}

wp-includes/class-wp-application-passwords.php

public static function check_password(
	#[\SensitiveParameter]
	string $password,
	string $hash
): bool {
	if ( ! str_starts_with( $hash, '$generic$' ) ) {
		/*
		 * If the hash doesn't start with `$generic$`, it is a hash created with `wp_hash_password()`.
		 * This is the case for application passwords created before 6.8.0.
		 */
		return wp_check_password( $password, $hash );
	}

	return wp_verify_fast_hash( $password, $hash );
}

WP_Application_Passwords::check_password() │ public static │ WP 6.8.0

Returns

Usage

Changelog

WP_Application_Passwords::check_password() WP Application Passwords::check password code WP 6.8.1

`WP_Application_Passwords::check_password() WP Application Passwords::check password` code ^{WP 6.8.1}