#li3 > Lithium Documentation > lithium/security/Password::

Generates a Blowfish salt for use in `lithium\security\Password::hash()`. _Note_: Does not use the `'encode'` option of `String::random()` because it could result in 2 bits less of entropy depending on the last character.

Parameters

integer $count The base-2 logarithm of the iteration count. Defaults to `10`. Can be `4` to `31`.

Returns

string The Blowfish salt.

Source

						protected static function _genSaltBf($count = null) {
		$count = (integer) $count;
		$count = ($count < 4 || $count > 31) ? static::BF : $count;

		$base64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
		$i = 0;

		$input = String::random(16);
		$output = '';

		do {
			$c1 = ord($input[$i++]);
			$output .= $base64[$c1 >> 2];
			$c1 = ($c1 & 0x03) << 4;
			if ($i >= 16) {
				$output .= $base64[$c1];
				break;
			}

			$c2 = ord($input[$i++]);
			$c1 |= $c2 >> 4;
			$output .= $base64[$c1];
			$c1 = ($c2 & 0x0f) << 2;

			$c2 = ord($input[$i++]);
			$c1 |= $c2 >> 6;
			$output .= $base64[$c1];
			$output .= $base64[$c2 & 0x3f];
		} while (1);

		$result = '$2a$';
		$result .= chr(ord('0') + $count / static::BF);
		$result .= chr(ord('0') + $count % static::BF);
		$result .= '$' . $output;

		return $result;
	}