Two questions immediately come to mind:

- Why are you using `CRYPT_SHA512` instead of `CRYPT_BLOWFISH`?
- Why are you using `crypt()` instead of `password_hash()`/`password_verify()`/`password_needs_rehash()`?

One of the reasons you should use `password_*` instead of `crypt()` is it will generate a unique random salt for you. You really don't want to hand-roll your own salt generator if your goal is to be secure.
> Is it possible to increase the salt length?
SHA512Crypt only allows a 16-character salt. Bcrypt uses a 22-character salt (a base64-encoded representation of a 128-bit random string).
Let's quantify this: A 128-bit salt (powered by a CSPRNG) will repeat exactly once (with 50% probability) after 2^64 (1.8446744e+19, or 18,446,744,073,709,551,616) password hashes are generated.
That's about 2.6 billion bcrypt hashes for every living person on planet Earth.
You don't need a longer salt for any appreciable security gain.
> Is there any drawback if we increase the salt length?
It will silently truncate and, while you may feel smart for seemingly using a longer salt, it will have no effect on the security.
Further reading: How to safely store your users' passwords in 2016.
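The following is an added example, not code from the answer above or from PHP's documentation. It shows the `password_hash()`/`password_verify()`/`password_needs_rehash()` flow the answer recommends (with `PASSWORD_BCRYPT`, so PHP draws the 128-bit salt itself), transparently upgrades a legacy SHA512-crypt hash on successful login, and demonstrates the silent salt truncation the answer describes by hashing with a 16-character and a 40-character `$6$` salt and comparing the results. The cost factor of 12, the helper names and the sample passwords are assumptions for the demo.

```php
<?php
// Added example (not part of the original answer): the password_* API
// the answer recommends, next to the SHA512-crypt salt truncation it
// warns about. Needs PHP >= 5.5 for password_hash(). Cost 12 is assumed.

declare(strict_types=1);

/**
 * Hash a new password. PASSWORD_BCRYPT makes PHP draw a 128-bit salt
 * from its CSPRNG and encode it as the 22-character base64 salt field
 * inside the "$2y$" string, so no hand-rolled salt is involved.
 */
function hashPassword(string $password, int $cost = 12): string
{
    return password_hash($password, PASSWORD_BCRYPT, ['cost' => $cost]);
}

/**
 * Verify a login attempt. password_verify() reads algorithm, cost and
 * salt back out of the stored string (it also understands crypt()-style
 * hashes such as "$6$...") and compares in constant time. Returns the
 * verdict and, when the stored hash is weaker than the current policy,
 * a fresh bcrypt hash to write back to the database.
 */
function checkLogin(string $password, string $storedHash, int $cost = 12): array
{
    if (!password_verify($password, $storedHash)) {
        return ['ok' => false, 'rehash' => null];
    }
    $rehash = null;
    if (password_needs_rehash($storedHash, PASSWORD_BCRYPT, ['cost' => $cost])) {
        // A legacy SHA512-crypt hash, or bcrypt at a lower cost: we hold
        // the plaintext right now, so upgrade it transparently.
        $rehash = hashPassword($password, $cost);
    }
    return ['ok' => true, 'rehash' => $rehash];
}

/**
 * Show the silent truncation the answer describes: SHA512-crypt keeps
 * only the first 16 salt characters, so a 16-char salt and a 40-char
 * salt sharing the same prefix produce byte-identical hashes.
 */
function sha512SaltIsTruncated(string $password): bool
{
    $short = str_repeat('a', 16);
    $long  = str_repeat('a', 40);   // 24 extra characters, all ignored
    $h1 = crypt($password, '$6$' . $short . '$');
    $h2 = crypt($password, '$6$' . $long  . '$');
    return $h1 === $h2;
}

// --- demo (constructed sample inputs) ------------------------------------
$stored = hashPassword('correct horse battery staple');
printf("stored: %s\n", $stored);   // "$2y$12$" + 22-char salt + 31-char hash

$r = checkLogin('correct horse battery staple', $stored);
printf("bcrypt login ok: %s, rehash needed: %s\n",
    $r['ok'] ? 'yes' : 'no', $r['rehash'] === null ? 'no' : 'yes');

// Constructed legacy record: a hash produced by a crypt()/CRYPT_SHA512 scheme.
$legacy = crypt('correct horse battery staple', '$6$' . str_repeat('b', 16) . '$');
$r = checkLogin('correct horse battery staple', $legacy);
printf("legacy login ok: %s, upgraded to bcrypt: %s\n",
    $r['ok'] ? 'yes' : 'no', $r['rehash'] !== null ? 'yes' : 'no');

printf("SHA512-crypt salt silently truncated past 16 chars: %s\n",
    sha512SaltIsTruncated('hunter2') ? 'yes' : 'no');
```

Run it with `php example.php`; the last line prints `yes`, which is the concrete form of the answer's point that a longer `$6$` salt is ignored rather than rejected. The rehash branch is why `password_needs_rehash()` belongs in the login path: it is the only moment the plaintext is available to migrate old `crypt()` hashes to bcrypt.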