Bcrypt vs Hash in laravel
Your second option isn't bcrypt. Laravel's Crypt
class uses AES encryption.
As stated in the documentation:
Laravel provides facilities for strong AES encryption via the Mcrypt PHP extension.
As far as I can tell you don't need to be able to decrypt the data, to reverse the encryption. Therefore you should definitely use a hashing algorithm like sha256 in your first option. However Laravel ships with a pretty good hashing class already so why not use that.
Option 3 (Laravel Hash
, Bcrypt)
$hash = Hash::make('secret');$input = 'secret';if(Hash::check($input, $hash)){ // the input matches the secret}
Note that you have to use Hash::check()
for comparing. You can't just create another hash with Hash::make()
and compare them. The generated hash contains a random component, so even if it's the same secret, Hash::make()
will produce a different hash every time.