-1

I am trying to create 200 characters salt manually and using it with md5 as an parameter to protect passwords with one of my SLIM3 web-app project with string hash ( string $algo , string $data [, bool $raw_output = FALSE ] )

I want the salt to create randomly each time to make it more secure. What is the best way to do it in PHP5.3?

Rubin Gajera
  • 77
  • 2
  • 12
  • 3
    Please don't use the word md5 anywhere near the word password. It's horribly broken. Use [the PHP API](http://php.net/manual/en/book.password.php), with [a backwards compatibility package](https://github.com/ircmaxell/password_compat) if necessary (which it will be on PHP 5.3). – iainn Jan 05 '18 at 14:56
  • 2
    You should no longer use PHP 5.3 which is severly outdated, and you should neither write your own hashing algorithms but use built-in ones. – Nico Haase Jan 05 '18 at 15:46
  • all other stuff is 5.3 so ican't be change. It will need a great human resource. @nico-haase – Rubin Gajera Jan 05 '18 at 19:46

1 Answers1

1

You can use custom function, that generating salt whith specified length:

function generator($length) {
    $sym = array(0,1,2,3,4,5,6,7,8,9,'q','w','e','r','t','y','u','i','o','p','a','s','d','f','g','h','j','k','l','z','x','c','v','b','n','m');
    $sole = '';
    for ($i=1; $i <= $length; $i++) {
        $sole .= $sym[rand(0, count($sym) - 1)];
   }
    return $sole;
}
Vladimir
  • 1,373
  • 8
  • 12