Generates a random base 64-encoded salt prefixed with settings for the hash.
Proper use of salts may defeat a number of attacks, including:
$count_log2: Integer that determines the number of iterations used in the hashing process. A larger value is more secure, but takes more time to complete.
A 12 character string containing the iteration count and a random salt.
function _password_generate_salt($count_log2) {
$output = '$S$';
// Ensure that $count_log2 is within set bounds.
$count_log2 = _password_enforce_log2_boundaries($count_log2);
// We encode the final log2 iteration count in base 64.
$itoa64 = _password_itoa64();
$output .= $itoa64[$count_log2];
// 6 bytes is the standard salt for a portable phpass hash.
$output .= _password_base64_encode(drupal_random_bytes(6), 6);
return $output;
}