GoLang password_needs_rehash

request it (268)
GoLang replacement for PHP's password_needs_rehash [edit | history]

Do you know a GoLang replacement for PHP's password_needs_rehash? Write it!

PHP password_needs_rehash

PHP original manual for password_needs_rehash [ show | php.net ]


(PHP 5 >= 5.5.0, PHP 7)

password_needs_rehashChecks if the given hash matches the given options


bool password_needs_rehash ( string $hash , int $algo [, array $options ] )

This function checks to see if the supplied hash implements the algorithm and options provided. If not, it is assumed that the hash needs to be rehashed.



A hash created by password_hash().


A password algorithm constant denoting the algorithm to use when hashing the password.


An associative array containing options. See the password algorithm constants for documentation on the supported options for each algorithm.


Example #1 Usage of password_needs_rehash()


$hash '$2y$10$YCFsG6elYca568hBi2pZ0.3LDL5wjgxct1N8w/oLR/jfHsiQwCqTS';

// The cost parameter can change over time as hardware improves
$options = array('cost' => 11);

// Verify stored hash against plain-text password
if (password_verify($password$hash)) {
// Check if a newer hashing algorithm is available
    // or the cost has changed
if (password_needs_rehash($hashPASSWORD_DEFAULT$options)) {
// If so, create a new hash, and replace the old one
$newHash password_hash($passwordPASSWORD_DEFAULT$options);

// Log user in

Return Values

Returns TRUE if the hash should be rehashed to match the given algo and options, or FALSE otherwise.