Secure hash and salt for PHP passwords
DISCLAIMER: This answer was written in 2008. Since then, PHP has given us password_hash and password_verify and, since their introduction, they are the recommended password hashing & checking method. The theory of the answer is still a good read though. TL;DR Don’ts Don’t limit what characters users can enter for passwords. Only idiots do this. … Read more