Internally my site has a static id number associated with each account. I need to start using the ids publicly, but I don't want people to be able to discern the total number of user accounts on my site.
I plan on generating and storing a non-sequential, unique, and short public id for each user in my database by using a salted md5 hash of the user id. This approach gives me non-sequential and unique (theoretical collisions withstanding) ids, however, they're longer than what I'd like.
I'd like to shorten by converting them from base 16 to base 64.
The ids are too large for base_convert(), and that only goes up to base 36 anyways.
Instead I am using base64_encode().
I notice that I get considerable shorter ids if I use the raw binary md5 output. I'm hoping somebody can tell me if this is because they can be encoded more efficiently or if its because I'm losing data (and making collisions more probable).
Short: base64_encode(md5($id.$salt, TRUE));