How can password_verify validate passwords without knowing salt and cost?

Question

The function password_verify() in the new PHP password API checks if the password corresponds to the hash. The hash is generated by password_hash(), that by default uses a rando

Answer 1

The string returned by password_hash() contains not only the hash, but also the algorithm, cost and salt.