0

I'm importing users from a .csv file and I try to generate a password for each of them using:

Hash::make(Str::random(10))
// OR
bcrypt(Str::random(10))

The problem is that it takes about 8 sec for 150 users so more than 6 min for all users, there is a faster way to generate a password?

Beusebiu
  • 1,433
  • 4
  • 23
  • 68
  • 1
    Does this answer your question? [Fastest hash for non-cryptographic uses?](https://stackoverflow.com/questions/3665247/fastest-hash-for-non-cryptographic-uses) – Nico Haase Dec 06 '21 at 18:43
  • 7
    Password hashes are supposed to be slow, it makes them that much harder to brute force. – Alex Howansky Dec 06 '21 at 18:45
  • 1
    https://stackoverflow.com/questions/30215781/why-is-password-hashing-e-g-phps-password-hash-so-slow (basically what Alex said in more detail) – Don't Panic Dec 06 '21 at 18:46
  • 4
    How often are you bulk creating passwords that waiting 6 minutes is a problem? This shouldn't be a regular occurrence... – Alex Howansky Dec 06 '21 at 18:49
  • 1
    Huh, not the answer that I hoped for, but now I have a better understanding of why it takes that much time. Thank you! – Beusebiu Dec 06 '21 at 18:51
  • Only 1 time per application, basically when a new client instance is created. – Beusebiu Dec 06 '21 at 18:52
  • 3
    Just dispatch the password creation to a queued job. – miken32 Dec 06 '21 at 18:56
  • https://stackoverflow.com/questions/4443476/optimal-bcrypt-work-factor might be useful as well. You can adjust the work-factor in `Hash::make` ([see the manual](https://laravel.com/docs/8.x/hashing#adjusting-the-bcrypt-work-factor)), just make sure you know what the actual effects are – iainn Dec 06 '21 at 19:06

0 Answers0