<?php $a = "abcdefg\0"; $b = $a . random_bytes(33); // Same prefix, with junk added after the end $hash = password_hash($a, PASSWORD_BCRYPT); // Since $b has junk added to the end, we'd expect this to return // bool(false) var_dump(password_verify($b, $hash));
You have javascript disabled. You will not be able to edit any code.