+ 2

Is setting the salt manually a good idea?

In my php login system I am thinking of setting the salt as a special variable. Is it a good idea? Or are there any security risks? Should I let it better randomly generate it?

24th Oct 2017, 4:00 PM
ykahveci
ykahveci - avatar
3 odpowiedzi
+ 3
No. It has been deprecated in PHP7. So you shouldn't use it. http://php.net/manual/en/function.password-hash.php
24th Oct 2017, 5:08 PM
$machitgarha
$machitgarha - avatar
+ 2
Ah, I found a way to solve it with password_verify(). It works!
24th Oct 2017, 4:08 PM
ykahveci
ykahveci - avatar
+ 2
Ah, I should google it!
25th Oct 2017, 6:31 AM
ykahveci
ykahveci - avatar