Laravel Queues in Action (2nd edition) is now available!

Encryption and Hashing

Updated: May 10, 2020 — 1 min Read#quick-dip

As we mentioned earlier, APP_KEY has nothing to do with hashing passwords. It's used for encrypting and decrypting values in your application. Encryption and hashing are two different things.

Encryption works by scrambling data, only a person with the encryption key can unscramble it. Hashing, on the other hand, works by converting data into a fixed size string that cannot be reverted back to its original value.

Laravel uses hashing to store passwords in your database. If the user provided value is "secret", Laravel will store the following in the database:


There's no way we can know the original value. However, the next time the user signs in we can compare the password he provides with the password he chose when he signed up. If the check passes, that means the user has provided the correct password.


You can hash values anywhere in your code by using the Hash facade:


For more information on Hashing, Encryption, and Digital Signatures. Check this short video:

Hey! 👋 If you find this content useful, consider sponsoring me on GitHub.

You can also follow me on Twitter, I regularly post about all things Laravel including my latest video tutorials and blog posts.

By Mohamed Said

Hello! I'm a former Laravel core team member & VP of Engineering at Foodics. In this publication, I share everything I know about Laravel's core, packages, and tools.

You can find me on Twitter and Github.

This site was built using Wink. Follow the RSS Feed.