0

I want to create an activation number for user registration in PHP

Is rand() Secure ? If not what else I can use ?

My PHP version : 5.3

M4HdYaR
  • 1,124
  • 11
  • 27
  • 6
    `Caution This function does not generate cryptographically secure values, and should not be used for cryptographic purposes. If you need a cryptographically secure value, consider using random_int(), random_bytes(), or openssl_random_pseudo_bytes() instead.` – Mark Baker Aug 12 '16 at 18:09
  • 1
    rand is about as random as rolling a dice – Mark Baker Aug 12 '16 at 18:09
  • Theres a function here to make a unique string which should work for your purposes: http://stackoverflow.com/questions/4356289/php-random-string-generator/31107425#31107425 – SilicaGel Aug 12 '16 at 18:10
  • Although this function(random_int()) was added to PHP in PHP 7.0 @MarkBaker – M4HdYaR Aug 12 '16 at 18:10
  • @SilicaGel That function uses PHP 7.0 random_int() – M4HdYaR Aug 12 '16 at 18:12
  • I believe it works on php 5.3 using the library mentioned in the comments.. For PHP 5.x, depends on https://github.com/paragonie/random_compat – SilicaGel Aug 12 '16 at 18:18
  • As long as you want it for that purpose only, it is safe. – revo Aug 12 '16 at 18:57

1 Answers1

1

mt_rand() is better than rand()

http://php.net/manual/en/function.mt-rand.php

Md Shahadat Hossain
  • 46
  • 6