[eluser]DonkeyKong[/eluser]
For higher security, it's not a good idea to have predefined salt and use it for all passwords.
Phpass deals with random salts internally:
Quote:Phpass transparently generates random salts when a new password or passphrase is hashed, and it encodes the hash type, the salt, and the password stretching iteration count into the "hash encoding string" that it returns