What is a way in PHP to make a random, variable length salt for use in hashing? Let's say I want to make a 16-character long salt - how would I do it?
edit: the mcrypt extension has been deprecated. For new projects take a look at random_bytes ( int $length ) and the sodium (as of php 7.2 core-)extension.
If the mcrypt extension is available you could simply use mcrypt_create_iv(size, source) to create a salt.
$iv = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); var_dump($iv);
Since each byte of the "string" can be in the range between 0-255 you need a binary-safe function to save/retrieve it.
1.4m articles
1.4m replys
5 comments
57.0k users
