gabrielfrdev/secure-passhash
Composer 安装命令:
composer require gabrielfrdev/secure-passhash
包简介
Secure CLI password hashing with Argon2id - Production-ready tool with strict security validation
README 文档
README
PassHash is a secure, developer-focused CLI tool and library for generating and verifying password hashes. It enforces modern security standards (Argon2id) with strict validation.
🔒 Security Features
- Argon2id Standard: Enforces Argon2id with a minimum of 64 MiB memory cost.
- Secure Input: Prevents password leakage in shell history by refusing CLI arguments.
- DoS Protection: Validates input length (Max 4 KiB) and computational costs (Max Threads/Memory).
- Zero Dependencies: Lightweight, PHP >= 8.1 only.
🚀 Installation
Global (Quick Use)
composer global require gabrielfrdev/secure-passhash
Local (Development)
git clone https://github.com/gabrielfrdev/secure-passhash.git
cd secure-passhash
composer install
🚀 Executable Location
Dependendo de como você instalou, o executável estará em um lugar diferente:
- Instalação Global:
passhash - Instalação Local (Composer):
vendor/bin/passhash - Pelo Código Fonte:
./bin/passhash
Nos exemplos abaixo, usaremos ./bin/passhash, substitua pelo comando correspondente ao seu modo de instalação.
🛠 Usage
1. Generating a Hash
PassHash uses secure prompts or pipes. Passwords are never accepted as arguments.
Interactive Mode (Recommended):
./bin/passhash hash # You will be prompted securely to enter the password.
Automation (Pipe):
echo "my_super_secret_password" | ./bin/passhash hash
Output:
✔ Hash generated securely.
Algorithm: Argon2id
Hash:
$argon2id$v=19$m=65536,t=4,p=1$XyZ...
2. Verifying a Hash
To verify, provide the hash. You will be prompted for the password.
./bin/passhash verify '$argon2id$v=19$m=65536,t=4,p=1$...' # Prompt: Enter password to verify:
3. Inspect Configuration
Check the current security parameters used by the machine.
./bin/passhash config
🛡 Security considerations
- Shell History: We explicitly block
passhash hash <password>to prevent your password from being saved in.bash_historyor system logs (ps aux). - Memory Defaults: We default to 64 MiB memory cost. OWASP recommends ~19 MiB, but 64 MiB is chosen for higher resistance against GPU cracking on modern servers.
- Windows Users: On Windows CMD/PowerShell, secure input masking might not work (input visible). Use with caution or in a private environment.
🧪 Development & Testing
Run the security test suite:
composer test # or vendor/bin/phpunit
License
MIT
gabrielfrdev/secure-passhash 适用场景与选型建议
gabrielfrdev/secure-passhash 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 3 次下载、GitHub Stars 达 1, 最近一次更新时间为 2025 年 12 月 23 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 gabrielfrdev/secure-passhash 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 gabrielfrdev/secure-passhash 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 3
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 20
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2025-12-23