Generates a random base 64-encoded salt prefixed with settings for the hash.
Proper use of salts may defeat a number of attacks, including:
String A 12 character string containing the iteration count and a random salt.
protected function generateSalt() {
$output = '$S$';
// We encode the final log2 iteration count in base 64.
$output .= static::$ITOA64[$this->countLog2];
// 6 bytes is the standard salt for a portable phpass hash.
$output .= $this
->base64Encode(Crypt::randomBytes(6), 6);
return $output;
}