When converting "random bytes" to string, is there a difference in whether to use base64_encodeor bin2hex?
$bytes = openssl_random_pseudo_bytes(32);
echo base64_encode($bytes);
echo bin2hex($bytes);
To use as salt for bcrypt, obviously, a modified base64 is the right choice, because that is what is expected. But for contexts such as an account registration confirmation key or a unique inconsistent object identifier, which is the right choice?
I know random_compatlibrary , but this is also for educational purposes.
source
share