Re: SMF modification needed -- upgrade password hash security -- 40 BTC

If you're creating salts, you may want to use a CSPRNG. So, you want /dev/random instead of urandom.

/dev/urandom is more than sufficient. It's not very important for the salt to be unpredictable.