Laravel 5: using bcrypt on same string gives different values

Note: this page is a Chinese/English translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must attribute it to the original authors (not me): StackOverflow. Original: http://stackoverflow.com/questions/39197989/

Date: 2020-09-14 14:22:57  Source: igfitidea

Tags: laravel, laravel-5, bcrypt

Asked by linuxartisan

I am using Laravel's bcrypt function for hashing passwords. When I do,

bcrypt('secret')

I get

=> "y$mnPgYt2xm9pxb/c2I.SH.uuhgrOj4WajDQTJYssUbTjmPOcgQybcu"

But if I run it again, I get

=> "y$J8h.Xmf6muivJ4bDweUlcu/BaNzI2wlBiAcop30PbPoKa0kDaf9xi"

and so on...

So, won't the password matching process fail if I get different values every time?

Answered by linuxartisan

This is how bcrypt is supposed to work. See Wikipedia.

Bcrypt generates a random 128-bit salt during hashing. This salt becomes part of the hash, hence we always get a different hash value for the same input string. The random salt is actually used to deter brute-force attacks.

The password matching process won't fail due to different values of hashes. Try the following in tinker:

$hash1 = bcrypt('secret')
$hash2 = bcrypt('secret')

Hash::check('secret', $hash1)
Hash::check('secret', $hash2)

You should get true in both cases of Hash::check.

So even if the hash values are different, the password matching won't fail.

Answered by Amitesh

Bcrypt uses a 128-bit salt and encrypts a 192-bit magic value. It takes advantage of the expensive key setup in eksblowfish.

The bcrypt algorithm runs in two phases, sketched in Figure 3. In the first phase, EksBlowfishSetup is called with the cost, the salt, and the password, to initialize eksblowfish's state. Most of bcrypt's time is spent in the expensive key schedule. Following that, the 192-bit value ``OrpheanBeholderScryDoubt'' is encrypted 64 times using eksblowfish in ECB mode with the state from the previous phase. The output is the cost and 128-bit salt concatenated with the result of the encryption loop.

How it works in Laravel:

if (! function_exists('bcrypt')) {
    /**
     * Hash the given value against the bcrypt algorithm.
     *
     * @param  string  $value
     * @param  array  $options
     * @return string
     */
    function bcrypt($value, $options = [])
    {
        return app('hash')->driver('bcrypt')->make($value, $options);
    }
}

Supported options for PASSWORD_BCRYPT:

salt (string) - to manually provide a salt to use when hashing the password. Note that this will override and prevent a salt from being automatically generated.

If omitted, a random salt will be generated by password_hash() for each password hashed. This is the intended mode of operation.

Warning: The salt option has been deprecated as of PHP 7.0.0. It is now preferred to simply use the salt that is generated by default.

cost (integer) - which denotes the algorithmic cost that should be used. Examples of these values can be found on the crypt() page.

If omitted, a default value of 10 will be used. This is a good baseline cost, but you may want to consider increasing it depending on your hardware.

How Bcrypt encryption and decryption works:
Internally bcrypt() uses PHP's built-in password_hash() function. password_hash() returns different values each time because it appends a random string (a "salt") to the password. The salt is actually contained in the output hash.

If the same password is hashed with the same salt, you will always get the same output. Therefore password_verify() looks at the stored hash, extracts the salt, and then hashes the given password with that same salt.
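As an added example (not part of either answer, and not Laravel's own code), the following plain PHP script shows the mechanism the last paragraph describes and what the tinker check above relies on: the salt is stored in the clear inside the hash, and verification re-runs bcrypt with that same salt. It assumes PHP 7 or later; bcrypt_parts() and verify_like_password_verify() are helpers written for this example.

```php
<?php
// Added example: why two bcrypt() calls disagree, and why Hash::check() still passes.
// Laravel's bcrypt() helper ends in PHP's password_hash() with PASSWORD_BCRYPT,
// so plain PHP is enough to show the mechanism.

$password = 'secret';

// Two hashes of the same password, each with a freshly generated 128-bit salt.
$hash1 = password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);
$hash2 = password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);
var_dump($hash1 === $hash2);   // differs from call to call: each call drew a new salt

// Anatomy of a bcrypt string: "$2y$" . cost . "$" . 22-char salt . 31-char digest.
// bcrypt_parts() is a helper written for this example, not a Laravel or PHP API.
function bcrypt_parts(string $hash): array
{
    $re = '/^\$2[aby]\$(\d{2})\$([.\/A-Za-z0-9]{22})([.\/A-Za-z0-9]{31})$/';
    if (!preg_match($re, $hash, $m)) {
        throw new InvalidArgumentException('not a bcrypt hash');
    }
    return ['cost' => (int) $m[1], 'salt' => $m[2], 'digest' => $m[3]];
}

// The salt is stored in the clear; only the digest part depends on the password.
print_r(bcrypt_parts($hash1));
print_r(bcrypt_parts($hash2));

// What password_verify() (and therefore Hash::check()) does: take the cost and
// salt out of the stored string, run bcrypt again with exactly those, and compare.
// crypt() exposes that step: given the stored hash as its "salt" argument, it
// reproduces the stored hash byte for byte when the password is right.
function verify_like_password_verify(string $password, string $stored): bool
{
    $recomputed = crypt($password, $stored);
    // Constant-time comparison, as password_verify() uses internally.
    return hash_equals($stored, $recomputed);
}

var_dump(verify_like_password_verify($password, $hash1));  // correct password, hash 1
var_dump(verify_like_password_verify($password, $hash2));  // correct password, hash 2
var_dump(verify_like_password_verify('wrong', $hash1));    // wrong password

// Same outcome from the built-in, which is what Hash::check() ultimately calls.
var_dump(password_verify($password, $hash1) && password_verify($password, $hash2));
```

Comparing two stored hashes to each other is therefore meaningless; always verify a candidate password against the stored hash with Hash::check() or password_verify().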