Bcrypt vs Hash in laravel

If you never need to decrypt the key for further use, the first option is better.

If you need to get the key back after it's been encrypted, the second option will be better.


Your second option isn't bcrypt. Laravel's Crypt class uses AES encryption.
As stated in the documentation:

Laravel provides facilities for strong AES encryption via the Mcrypt PHP extension.

As far as I can tell you don't need to be able to decrypt the data, to reverse the encryption. Therefore you should definitely use a hashing algorithm like sha256 in your first option. However Laravel ships with a pretty good hashing class already so why not use that.

Option 3 (Laravel Hash, Bcrypt)

$hash = Hash::make('secret');

$input = 'secret';
if(Hash::check($input, $hash)){
    // the input matches the secret
}

Note that you have to use Hash::check() for comparing. You can't just create another hash with Hash::make() and compare them. The generated hash contains a random component, so even if it's the same secret, Hash::make() will produce a different hash every time.

Hashing - Laravel docs