wp_hash_password_algorithm │ filter-hook │ WP 6.8.0

Filters the hashing algorithm to use in the password_hash() and password_needs_rehash() functions.

The default is the value of the PASSWORD_BCRYPT constant which means bcrypt is used.

Important: The only password hashing algorithm that is guaranteed to be available across PHP installations is bcrypt. If you use any other algorithm you must make sure that it is available on the server. The password_algos() function can be used to check which hashing algorithms are available.

The hashing options can be controlled via the wp_hash_password_options filter.

Other available constants include:

PASSWORD_ARGON2I
PASSWORD_ARGON2ID
PASSWORD_DEFAULT

Usage

add_filter( 'wp_hash_password_algorithm', 'wp_kama_hash_password_algorithm_filter' );

/**
 * Function for `wp_hash_password_algorithm` filter-hook.
 * 
 * @param string $algorithm The hashing algorithm.
 *
 * @return string
 */
function wp_kama_hash_password_algorithm_filter( $algorithm ){

	// filter...
	return $algorithm;
}

$algorithm(string): The hashing algorithm.
Default: value of the PASSWORD_BCRYPT constant

Changelog

Since 6.8.0	Introduced.
Since 7.0.0	The `$algorithm` parameter is now always a string.

Where the hook is called

wp_hash_password()

wp_hash_password_algorithm

wp_hash_password_options

wp_password_needs_rehash()

wp_hash_password_algorithm

wp_hash_password_options

password_needs_rehash

wp-includes/pluggable.php 2785

$algorithm = apply_filters( 'wp_hash_password_algorithm', PASSWORD_BCRYPT );

wp-includes/pluggable.php 2915

$algorithm = apply_filters( 'wp_hash_password_algorithm', PASSWORD_BCRYPT );

Where the hook is used in WordPress

Usage not found.