+ 2
Is setting the salt manually a good idea?
In my php login system I am thinking of setting the salt as a special variable. Is it a good idea? Or are there any security risks? Should I let it better randomly generate it?
3 odpowiedzi
+ 3
No. It has been deprecated in PHP7. So you shouldn't use it.
http://php.net/manual/en/function.password-hash.php
+ 2
Ah, I found a way to solve it with password_verify(). It works!
+ 2
Ah, I should google it!