In PHP 5.5, a new function called password_hash() was introduced, which works in the same way as the md5 function but is more secure. It also doesn't require a hash. It's pretty similar to md5 in how it works, and you can use it like this:
<?php
// Generate a hash of the password "mypassword"
$hash = password_hash("mypassword", PASSWORD_DEFAULT);
// Echoing it out, so we can see it:
echo $hash;
// Some line breaks for a cleaner output:
echo "<br><br>";
// Using password_verify() to check if "mypassword" matches the hash.
// Try changing "mypassword" below to something else and then refresh the page.
if (password_verify('mypassword', $hash)) {
echo 'Password is valid!';
} else {
echo 'Invalid password.';
}
?>
For more details, check out the documentation.