While checking newly installed OJS 3, I have come across with salt. In the security section, there is a field:
Should I change that? If yes, with what? Is there salt generators? Is there any specific criteria for it. Thank you.
change this to something random. You can use a password generator like the one in duckduckgo.
And DON’T lose it then! If you lose it, all passwords will have to change again, I believe
The config.inc.php documentation suggests that this salt is only used for password resets, and I think that is correct. The passwords themselves are not dependent on this value.
Aaaaaaa… I thought it is used for all passwords hashes… Sorry!