Class **Phalcon\\Security** =========================== *implements* :doc:`Phalcon\\DI\\InjectionAwareInterface ` This component provides a set of functions to improve the security in Phalcon applications Methods --------- public **setDI** (:doc:`Phalcon\\DiInterface ` $dependencyInjector) Sets the dependency injector public :doc:`Phalcon\\DiInterface ` **getDI** () Returns the internal dependency injector public **setRandomBytes** (*string* $randomBytes) Sets a number of bytes to be generated by the openssl pseudo random generator public *string* **getRandomBytes** () Returns a number of bytes to be generated by the openssl pseudo random generator public **setWorkFactor** (*int* $workFactor) Sets the default working factor for bcrypts password's salts public *int* **getWorkFactor** () Returns the default working factor for bcrypts password's salts public *string* **getSaltBytes** () Generate a >22-length pseudo random string to be used as salt for passwords public *string* **hash** (*string* $password, [*int* $workFactor]) Creates a password hash using bcrypt with a pseudo random salt public *boolean* **checkHash** (*string* $password, *string* $passwordHash) Checks a plain text password and its hash version to check if the password matches public *boolean* **isLegacyHash** (*string* $passwordHash) Checks a plain text password and its hash version to check if the password matches public *string* **getTokenKey** ([*int* $numberBytes]) Generates a pseudo random token key to be used as input's name in a CSRF check public *string* **getToken** ([*int* $numberBytes]) Generates a pseudo random token value to be used as input's value in a CSRF check public *boolean* **checkToken** ([*string* $tokenKey], [*string* $tokenValue]) Check if the CSRF token sent in the request is the same that the current in session public *string* **getSessionToken** () Returns the value of the CSRF token in session