How to get the random salt from password_hash in PHP?

Question

I've read in the manual that the PHP-function password_hash() uses a random salt to hash the password. How to get this random salt for saving it to database?

Answer 1

A salt is generated automatically and randomly when you run password_hash. It will be different every time, even for the same password. That's good! From the docs:

You should not manually set or in any way modify the salt. Just save the entire hash in the database, and let PHP handle it. password_hash and password_verify, by default, use the industry standard bcrypt algorithm in a manner complying with industry best practices. Modifying that behavior is likely to make your site less secure.