Password Hash?

Hello everyone,

I’d like to know how password hash is generated?

This is my code:



// How to get password_hash variable?

$user = User::find()->where(['email'=>$email, 'password_hash'=>$password_hash])->one();


   echo "there is";

} else {




Fetch User by email and validate password in PHP:

$user = User::find()->where(['email'=>$email])->one();


   // Wrong email

} elseif (!Yii::$app->security->validatePassword($password, $user->password_hash)) {

   // Invalid password

} else {

  // Ok


As far as I understand, the hashing algorithm generates a new random salt string on each call so you cannot simply re-generate the stored value.

Thank you! I’ll try it asap.

EDIT: It works perfectly. Thanks a lot.