I want to create a secure random code that the user must click on in an email to activate their account. I have read a few posts on google and as usual, everybody has a different opinion! It seems though that a decent one is random_bytes. Is this acceptable? Also, I don't know how to actually use it. I tried this but it has symbols as well which I don't think I can store in a database?
I did this:
$identifier = random_bytes(12);
which generated : 2111d60a465f2f8c31ab7596
Is that sufficient or is there a more secure method?