Avatar of Crazy Horse
Crazy Horse
Flag for South Africa

asked on 

Creating a random validation code for email confirmation when registering as a new user

I want to create a secure random code that the user must click on in an email to activate their account. I have read a few posts on google and as usual, everybody has a different opinion! It seems though that a decent one is random_bytes. Is this acceptable? Also, I don't know how to actually use it. I tried this but it has symbols as well which I don't think I can store in a database?

I did this:

$identifier = random_bytes(12);
echo (bin2hex($identifier));

Open in new window

which generated : 2111d60a465f2f8c31ab7596

Is that sufficient or is there a more secure method?

Avatar of undefined
Last Comment
Julian Hansen

8/22/2022 - Mon