diff --git a/_test/cases/inc/auth_password.test.php b/_test/cases/inc/auth_password.test.php
index 1c0942239da20ad239232e24aacd61aab39267cd..8646e32261da79152a2075afae597fc379111c9a 100644
--- a/_test/cases/inc/auth_password.test.php
+++ b/_test/cases/inc/auth_password.test.php
@@ -39,6 +39,16 @@ class auth_password_test extends UnitTestCase {
         }
     }
 
+    function test_verifySelf(){
+        foreach($this->passes as $method => $hash){
+            $info = "testing method $method";
+            $this->signal('failinfo',$info);
+
+            $hash = auth_cryptPassword('foo'.$method);
+            $this->assertTrue(auth_verifyPassword('foo'.$method,$hash));
+        }
+    }
+
     function test_verifyPassword_nohash(){
         $this->assertTrue(auth_verifyPassword('foo','$1$$n1rTiFE0nRifwV/43bVon/'));
     }
diff --git a/inc/PassHash.class.php b/inc/PassHash.class.php
index c4a6d78d09caded250c13667603fd8bf2a930b73..cb46c5928822b15ac111a1b4f1e9893d6dd2bc80 100644
--- a/inc/PassHash.class.php
+++ b/inc/PassHash.class.php
@@ -77,11 +77,13 @@ class PassHash {
     /**
      * Create a random salt
      *
-     * @todo use full range of characters instead of hex values only
      * @param int $len - The length of the salt
      */
     public function gen_salt($len=32){
-        return substr(md5(uniqid(rand(), true)),0,$len);
+        $salt  = '';
+        $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
+        for($i=0;$i<$len,$i++;) $salt .= $chars[mt_rand(0,61)];
+        return $salt;
     }
 
     /**