password_hash() - salt option


Why is providing a custom salt deprecated for PASSWORD_BCRYPT and unsupported for PASSWORD_ARGON2?

Yes, generating a strong salt isn't easy and thus automation of the process is a good thing.
But not being able to use a custom salt at all prevents several use cases.

When the salt is generated automatically:

- The plain text password must be known to PHP every time authentication is performed.
That is, it has to be sent from the Client to the Server.
While HTTPS mitigates the problem, a man-in-the-middle attack can capture the plaintext password.

- password_verify() must be used to check the plaintext password, adding load to the Server,
requiring explicit DoS protection.


When manual salts are allowed:

- Client and Server could e.g. agree to use "username + (static) random data" as salt.
While the password hashes themselves are less secure,
this allows for authentication procedures based on comparing a calculated hash with a stored hash,
not requiring transmission of the plaintext password, and reducing server load.


I am no crypto expert, so my thoughts might be completely wrong and I am happy for any feedback :)

Kind regards,
Frank Ebner
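
Added example, not part of the original message or of PHP's own documentation: the deterministic salt described above ("username + static random data") used in a client-side derivation, with password_hash() still choosing its own random salt on the server. SITE_SALT, the function names and the sample credentials are assumptions made for this illustration, and the client step is simulated in PHP.

```php
<?php
// Added illustration; SITE_SALT, function names and credentials are constructed.
const SITE_SALT = 'constructed-static-random-data';

// Client step (simulated in PHP here): derive a value from the password with
// the deterministic salt "username + static random data".
function client_derive(string $username, string $password): string
{
    $salt = $username . SITE_SALT;
    // 64 hex characters, below bcrypt's 72-byte input limit
    return hash_pbkdf2('sha256', $password, $salt, 100000, 64);
}

// Server, registration: treat the derived value as the password.
// password_hash() generates a random salt and embeds it in its output.
function server_register(string $derived): string
{
    return password_hash($derived, PASSWORD_BCRYPT);
}

// Server, login: password_verify() reads salt and cost from the stored string.
function server_login(string $derived, string $stored): bool
{
    return password_verify($derived, $stored);
}

$derived = client_derive('alice', 'correct horse battery staple');
$wrong   = client_derive('alice', 'wrong password');

// Same input registered twice: the stored strings differ because each call
// to password_hash() draws a fresh salt.
$a = server_register($derived);
$b = server_register($derived);
var_dump($a === $b);

// Both stored strings are checked against the same derived value, then
// against a value derived from a different password.
var_dump(server_login($derived, $a), server_login($derived, $b));
var_dump(server_login($wrong, $a));

// Direct comparison, as in the scheme above: the stored value is the same
// string the client sends, so it has to be protected like a password.
$storedDirect = $derived;
var_dump(hash_equals($storedDirect, client_derive('alice', 'correct horse battery staple')));
```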


