Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
The size of the output can be set to 20 character, 32 character or 40 character depending on some factors. I just read that a few weeks ago. If I can find out where, I will post the link.
PS I asked that same exact question you just asked by the way.