I'm trying to make a cookie which stores an authentication value so the user doesn't need to log in every time they visit the website, is this code secure, as in, it would be infeasible for an attacker to try and guess or work out the value even if they knew how the result was made:
Code: Select all
$salt = "my random string here";
$randomString = hash('sha256', $salt.microtime(true).mt_rand(10000000,99999999));Thanks, your help is appreciated!