mzcoxfde mzcoxfde - 9 months ago 36
PHP Question

Password generator with PHP

I was trying to make a secure random password generator but I couldn't think of anything. I want it to be completely random and long. I didn't want the md5 function because I've heard its the most vulnerable.


Try password Salting. I use it as a better and more secure way to store passwords. A salting function depends on 3 basic things. - The hash function (md5, sha1, whirlpool etc) - The original string and - Your own keyword that you assign for the function

Here's the function:


class Hash

 * @param string $algo The algorithm (md5, sha1, whirlpool, etc)
 * @param string $data The data to encode
 * @param string $salt The salt (This should be the same throughout the system probably)
 * @return string The hashed/salted data
public static function create($algo, $data, $salt)

    $context = hash_init($algo, HASH_HMAC, $salt);
    hash_update($context, $data);

    return hash_final($context);


The algo variable takes one of the hash functions, the data and the salt variables take strings(when you are usng the function for random password, but when storing passwords, the salt variable must be constant.

And if you want it to be completely random, you can make all the three things random. For example, you can make the algo variable a random choice of the cryptographic hash functions. As well as for the other two.

EDIT Or you can use the password_hash()