WordPress.org

Ready to get started?Download WordPress

Codex

Function Reference/wp check password

Contents

Description

This function can be replaced via plugins. If plugins do not redefine these functions, then this will be used instead.

Checks the plaintext password against the encrypted Password.

Maintains compatibility between old version and the new cookie authentication protocol using PHPass library. The $hash parameter is the encrypted password and the function compares the plain text password when encypted similarly against the already encrypted password to see if they match.

For integration with other applications, this function can be overwritten to instead use the other package password checking algorithm.

Usage

<?php wp_check_password$password$hash$user_id ?>

Parameters

$password
(string) (required) Plaintext user's password.
Default: None
$hash
(string) (required) Hash of the user's password to check against.
Default: None
$user_id
(unknown) (optional)
Default: ''

Return Values

(boolean) 
False, if the $password does not match the hashed password

Examples

$user = get_user_by( 'login', $username )
if ( $user && wp_check_password( $pass, $user->data->user_pass, $user->ID) )
   echo "That's it";
else
   echo "Nope"

Notes

  • This function can be replaced via plugins. If plugins do not redefine these functions, then this will be used instead.
  • Uses: PasswordHash::CheckPassword().
  • Uses global: (unknown type) $wp_hasher

Change Log

  • Since: 2.5

Source File

wp_check_password() is located in wp-includes/pluggable.php.

Related

See also index of Function Reference and index of Template Tags.