What is the default password hash algorithm for Wordpress?

Question

Does anyone have an authoritative source for the WordPress password hashing?https://developer.wordpress.org/reference/functions/wp_hash_password/ references https://www.openwall.com/phpass/ which in turn references https://www.php.net/manual/en/function.password-hash.php but is not clear which supported algo is default.SO has a couple of q&as but nothing authoritative.

al2o3cr · Accepted Answer

The PHP docs make a pretty clear statement:

    PASSWORD_DEFAULT - Use the bcrypt algorithm (default as of PHP 5.5.0).

(from https://www.php.net/manual/en/function.password-hash.php)

and then there's also the source code:

https://github.com/php/php-src/blob/bf92bddb878dbd86d23db290...

What is the default password hash algorithm for Wordpress?

The PHP docs make a pretty clear statement: PASSWORD_DEFAULT - Use the bcrypt algorithm (default as of PHP 5.5.0). (from https://www.php.net/manual/en/function.password-hash.php)and then there's also the source code:https://github.com/php/php-src/blob/bf92bddb878dbd86d23db290...

The PHP docs make a pretty clear statement:
`PASSWORD_DEFAULT - Use the bcrypt algorithm (default as of PHP 5.5.0).`
(from https://www.php.net/manual/en/function.password-hash.php)
and then there's also the source code:
https://github.com/php/php-src/blob/bf92bddb878dbd86d23db290...