Version 1.6 (checked in on 2009/02/26 at 07:30:26 by webchick)
Secure password hashing functions for user authentication.
Based on the Portable PHP password hashing framework.
An alternative or custom version of this password hashing API may be used by setting the variable password_inc to the name of the PHP file containing replacement user_hash_password(), user_check_password(), and user_needs_new_hash() functions.
|DRUPAL_HASH_COUNT||The standard log2 number of iterations for password stretching. This should increase by 1 at least every other Drupal version in order to counteract increases in the speed and power of computers available to crack the hashes.|
|DRUPAL_MAX_HASH_COUNT||The maximum allowed log2 number of iterations for password stretching.|
|DRUPAL_MIN_HASH_COUNT||The minimum allowed log2 number of iterations for password stretching.|
|user_check_password||Check whether a plain text password matches a stored hashed password.|
|user_hash_password||Hash a password using a secure hash.|
|user_needs_new_hash||Check whether a user's hashed password needs to be replaced with a new hash.|
|_password_base64_encode||Encode bytes into printable base 64 using the *nix standard from crypt().|
|_password_crypt||Hash a password using a secure stretched hash.|
|_password_generate_salt||Generates a random base 64-encoded salt prefixed with settings for the hash.|
|_password_get_count_log2||Parse the log2 iteration count from a stored hash or setting string.|
|_password_itoa64||Returns a string for mapping an int to the corresponding base 64 character.|