#1253 September 3rd, 2016 at 14:16 in Computer WWW hash password security Permalink Wow, the highest cost (31) bcrypt hashing of a password with PHP’s password_hash() function is quite safe from brute force attacks from my laptop: It ran for almost 282 CPU minutes trying to compute one hash before I stopped it. Related Posts