Is PHP Native Password Hash free?

Yes, PHP Native Password Hash is free to use. It is available as a free plugin on WordPress.org.

How many websites use PHP Native Password Hash?

PHP Native Password Hash has 2.0K+ active installations as tracked by WordPress.org.

Does PHP Native Password Hash work with the latest WordPress?

PHP Native Password Hash has been tested up to WordPress 6.5.8. It requires WordPress 5.2+ and PHP 7.0+.

PluginSift

PHP Native Password Hash

Name: PHP Native Password Hash
Rating: 5 (6 reviews)
Author: Ayesh Karunaratne

Makes WordPress use PHP's native password_hash() functions for portable, stronger, and time-attack safe bcrypt and Argon2 hashes.

By Ayesh Karunaratne·Argon2·Free

5(6 reviews)

·2.0K+ active installs·Updated 1 year ago

Download Compare

As of April 2026, PHP Native Password Hash is a WordPress argon2 plugin with 2.0K+ active installations and a 5/5 rating from 6 reviews. It has been downloaded 23K+ times in total. Requires WordPress 5.2+ and PHP 7.0+. Available on WordPress.org since 2017. Last updated 1 year ago — may have compatibility concerns. Downloads are down 18% this week.

5/56 reviews

2.0K+active installs

23K+total downloads

9 yearssince 2017

Overview

This plugin swaps out WordPress core’s password hashing mechanism with PHP 5.5’s password_hash() and its accompanying functions. By default, PHP uses bcrypt to hash the passwords. If available, this plugin will use modern Argon2 algorithm. The transition will be transparent.

A password salt will be generated using a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)
Password hashes are safe from dictionary attacks with rainbow tables or any other precomputed hash lists, because a secure salt is generated for each password.
The password hashing is iterated multiple times to provide a good resistance against brute-force attacks.
Password checks are made in a way that it mitigates time-attacks.
You do not have to reset passwords of all users. Passwords already hash…

Read full description on WordPress.org

Ratings & Reviews

56 reviews

5 ★

4 ★

3 ★

2 ★

1 ★

Recent Reviews

Amazing

by fenvi·1 year ago

Works very well.

Very good security addition

by Yambub·5 years ago

Thanks for this plugin and especially for keeping it up to date.

Thanks very much!

by minishman·7 years ago

Can’t believe WP is still using MD5 by default o.O

As soon as I learned about this, I got this plugin, and it does exactly what you want, using WordPress built in functions, so totally lightweight.

Thanks dev!

Exellent

by mpompas·8 years ago

Works as expected.

Superb

by birkof007·9 years ago

Geniality is in simplicity.

Download Trends

Today: 18Yesterday: 15This week: 75Period total: 3K

Compatibility

WordPress	5.2+ requiredTested up to 6.5.8
PHP	7.0+ required

Version Adoption

v3.0

82.0%

v2.1

17.1%

v1.5

0.8%

Frequently Asked Questions

Changelog

1.0

Initial release.

View full changelog on WordPress.org

Contributors

Ayesh Karunaratne

Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.