Is there a Yii recommended way of generating the random-key to be used in the Cookie-Based Login with additional security measures as mentioned in the docs.
Or is using some hashing based on the current time sufficient?
Is there a Yii recommended way of generating the random-key to be used in the Cookie-Based Login with additional security measures as mentioned in the docs.
Or is using some hashing based on the current time sufficient?
How secure does it need to be? I mean PHP is actually really bad at producing randomness, there are libraries you can plug into. For most applications however I just:
sha1(microtime() . mt_rand());
If my site became the target of a competent hacker, I’d be toast but who wouldn’t? If you have national secrets on an internet facing server you are pretty dumb anyway!