WordPress at a glance

wp_hash_password() WP 1.0

Create a hash (encrypt) of a plain text password.

For integration with other applications, this function can be overwritten to instead use the other package password checking algorithm.

  • Global. PasswordHash. $wp_hasher PHPass object

This is a pluggable function, and it can be replaced from plugin. It means that this function is defined (works) only after all plugins are connected (included), but before this moment the function has not yet been defined... Therefore, you cannot call this and all functions depended on this function directly from a plugin code. It must be called via hook plugins_loaded or later, for example on hook init.

Function replacement (override) — in a plugin you can create a function with the same name, then it will replace this function.

Is the basis for: wp_set_password()

No Hooks.


String. The hash string of the password


wp_hash_password( $password );
$password(string) (required)
Plain text user password to hash

Code of wp_hash_password: wp-includes/pluggable.php VER 4.9.8

function wp_hash_password($password) {
	global $wp_hasher;

	if ( empty($wp_hasher) ) {
		require_once( ABSPATH . WPINC . '/class-phpass.php');
		// By default, use the portable hash from phpass
		$wp_hasher = new PasswordHash(8, true);

	return $wp_hasher->HashPassword( trim( $password ) );

Related Functions

From tag: password

More from tag: Site security (safety)

No comments
    Hello, !     Log In . Register