Due to the fact that Blowfish has vulnerabilities before PHP version 5.3.7, it would be suggested to use SHA-256 or SHA-512 instead. Both of them have a similar salt format similar to that of Blowfish (use a prefix of $5$ for SHA-256 and $6$ for SHA-512). In addition to this, it also contains an optional rounds parameter to force multiple hashing.
The salt on its own is a little shorter at only 16 characters but unlike Blowfish, it allows more than just alphanumeric characters.
echo 'SHA-256 (no rounds): ' . crypt('password-to-encrypt', '$5$YourSaltyStringz$'); echo 'SHA-512 (with rounds): ' . crypt('password-to-encrypt', '$6$rounds=1000$YourSaltyStringz$');
This will produce the following output −
SHA-256 (no rounds): $5$YourSaltyStringz$td0INaoVoMPD4kieVrkGE67siKj3N8.HSff8ep0Ybs8SHA-512 (with rounds): $6$rounds=1000$YourSaltyStringz$A5UHscsEbSnPnaV6PmSF5T/MQK.Wc3klA.18c.gXG5pD0PVYSVr/7xwRu1XJyn8XpiMDNRTvpJm5S8DkmSywz1
Similar to Blowfish, the resulting hashes will contain the salt as part of the resultant hash.