For example, right now I only need to generate tokens for persistent “remember me” logins. To generate those tokens I am using:
sha1(uniqid(mt_rand(), true))
which always generates 40 characters in [0-9a-f] like so:
64070e8f3d155550b04272eae330d23896e043e6
Can I generate tokens in the same way for password reset functionality and email account verification? In general, is there one token generation mechanism I can use for all my token needs? Or is it likely that I’ll have to use different types of tokens for different needs?
Yes, you can use the same token generator for different purposes. As long as it suits them, you don’t have to mess with different mechanisms; keep it simple.
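As an added example (not part of the original question or answer): one token routine serving all three purposes, drawing from PHP's random_bytes() CSPRNG because mt_rand() and uniqid() are not cryptographically secure. The purpose names, lifetimes and the in-memory $store are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added example. Purpose names, lifetimes and the in-memory $store are assumptions;
// a real application would keep these rows in its database.
const TOKEN_TTL = [
    'remember_me'    => 30 * 86400, // reusable until it expires
    'password_reset' => 3600,       // single use
    'email_verify'   => 2 * 86400,  // single use
];

function issueToken(array &$store, int $userId, string $purpose): string
{
    if (!array_key_exists($purpose, TOKEN_TTL)) {
        throw new InvalidArgumentException("unknown purpose: $purpose");
    }
    // 20 bytes from the OS CSPRNG, hex-encoded: same 40-char [0-9a-f] shape.
    $token = bin2hex(random_bytes(20));
    // Store only a hash so a leaked table does not yield usable tokens.
    $store[hash('sha256', $token)] = [
        'user_id' => $userId,
        'purpose' => $purpose,
        'expires' => time() + TOKEN_TTL[$purpose],
    ];
    return $token;
}

function redeemToken(array &$store, string $token, string $purpose): ?int
{
    $key = hash('sha256', $token);
    $row = $store[$key] ?? null;
    // Unknown token, or a token issued for a different purpose: reject, leave untouched.
    if ($row === null || $row['purpose'] !== $purpose) {
        return null;
    }
    $expired = $row['expires'] < time();
    if ($expired || $purpose !== 'remember_me') {
        unset($store[$key]); // drop expired rows and consume single-use tokens
    }
    return $expired ? null : $row['user_id'];
}

$store = [];
$reset = issueToken($store, 42, 'password_reset'); // 42 is a constructed user id
var_dump(redeemToken($store, $reset, 'remember_me'));    // wrong purpose
var_dump(redeemToken($store, $reset, 'password_reset')); // first use
var_dump(redeemToken($store, $reset, 'password_reset')); // replay
```

Recording the purpose next to each token keeps the generator shared while preventing a token issued for one flow from being accepted in another.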