So I am learning about encryption and I see there are several ways of doing it in PHP. From what I have read, Salts can be random or not.
My question is, when the salt is randomly generated, how can you check for it when the user logs in?
And what would be the best way of creating salts apart from password_hash()(Since my php is 5.4.x)?
Thanks
when the salt is randomly generated, how can you check for it when the user logs in?
You store the salt with the password hash.
It is not recommended to create salts yourself unless you know what you are doing. There is a good library here https://github.com/ircmaxell/password_compat that brings support for password_hash() for earlier versions of PHP. There is no reason not to use this.
Regarding the salt, it is stored alongside the password.