FieldtypePassword

Stores a hashed and salted password

The value is always a Password object — the raw hash is never exposed. Setting a new password is done by assigning a plain-text string.

Value type

Password object. The Password class provides:

$field->pass (write-only) — set a new plain-text password
$field->hash — the stored hash (read-only)
$field->matches('plain') — verify a plain-text password against the stored hash

Getting and setting values

// Set a new password
$user->pass = 'NewSecurePassword123!';
$user->save('pass');

// Verify a password
if($user->pass->matches('enteredPassword')) {
    // correct password
}

// Check if a password has been set
if($user->pass->hash) {
    // password is set
}

Do not read $user->pass and re-assign it — doing so may corrupt or double-hash the stored value.

Selectors

Password fields cannot be used in selectors. The hash is not searchable and the plain-text value is never stored.

Notes

The password is hashed using bcrypt. The plain-text value is never stored.
No compatible fieldtypes (password cannot be converted to another type).
Database columns: char(40) for hash, char(32) for salt.

API reference: methods, hooks

Click any linked item for full usage details and examples. Hookable methods are indicated with the icon. In addition to those shown below, the FieldtypePassword class also inherits all the methods and properties of: Fieldtype, WireData and Wire.

Common

Name	Return	Summary
FieldtypePassword::getBlankValue() FieldtypePassword::getBlankValue(Page $page, Field $field) FieldtypePassword::getBlankValue(Page $page, Field $field)	`Password`	Get a blank password item object
FieldtypePassword::getCompatibleFieldtypes() FieldtypePassword::getCompatibleFieldtypes(Field $field) FieldtypePassword::getCompatibleFieldtypes(Field $field)	`null` `array`	Return all Fieldtypes derived from FieldtypeText, which we will consider compatible
FieldtypePassword::getConfigInputfields() FieldtypePassword::getConfigInputfields(Field $field) FieldtypePassword::getConfigInputfields(Field $field)	`InputfieldWrapper`	Return the fields required to configure an instance of FieldtypePassword
FieldtypePassword::getDatabaseSchema() FieldtypePassword::getDatabaseSchema(Field $field) FieldtypePassword::getDatabaseSchema(Field $field)	`array`	Return the database schema in specified format
FieldtypePassword::getFieldClass() FieldtypePassword::getFieldClass() FieldtypePassword::getFieldClass(array $a = [])	`string`	Get the Field class to use for fields of this type
FieldtypePassword::getInputfield() FieldtypePassword::getInputfield(Page $page, Field $field) FieldtypePassword::getInputfield(Page $page, Field $field)	`InputfieldPassword`	Return the associated Inputfield
FieldtypePassword::sanitizeValue() FieldtypePassword::sanitizeValue(Page $page, Field $field, $value) FieldtypePassword::sanitizeValue(Page $page, Field $field, $value)	`Password`	Sanitize value for runtime
FieldtypePassword::sleepValue() FieldtypePassword::sleepValue(Page $page, Field $field, $value) FieldtypePassword::sleepValue(Page $page, Field $field, $value)	`array` `string` `int`	Given an 'awake' value, as set by wakeupValue, convert the value back to a basic type for storage in DB.
FieldtypePassword::wakeupValue() FieldtypePassword::wakeupValue(Page $page, Field $field, array $value) FieldtypePassword::wakeupValue(Page $page, Field $field, array $value)	`Password`	Given a raw value (value as stored in DB), return the value as it would appear in a Page object

Additional methods and properties

In addition to the methods and properties above, FieldtypePassword also inherits the methods and properties of these classes:

API reference based on ProcessWire core version 3.0.261