Skip to content

Instantly share code, notes, and snippets.

@Dynom
Created May 30, 2014 08:10
Show Gist options
  • Save Dynom/33f02c7d9f42d8fcd3b1 to your computer and use it in GitHub Desktop.
Save Dynom/33f02c7d9f42d8fcd3b1 to your computer and use it in GitHub Desktop.
A snippet that will calculate the work/cost factor of encrypting. Based on a number in seconds it suggest a cost factor
/**
* This code will benchmark your server to determine how high of a "cost" you
* can afford. You want to set the highest cost that you can without slowing
* down your server too much. 10 is a good baseline, and more is good if your
* servers are fast enough.
*
* Obviously You should run this on the server that will be encrypting..
*/
// What is the maximum time, your server should spend on encrypting?
// Fractional number in seconds.
$timeTarget = 0.7;
// Calculating below here
$cost = 5;
do {
$cost++;
$start = microtime(true);
password_hash("test", PASSWORD_BCRYPT, ["cost" => $cost]);
$end = microtime(true);
} while (($end - $start) < $timeTarget);
echo "Appropriate Cost Found: " . $cost . "\n";
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment