I just upgraded my phpMyAdmin to the latest version (5.2.1 currently) and for the new configuration, in order to avoid a warning after the authentication, I need to set on the file /usr/share/phpmyadmin/config.inc.php
the value $cfg['blowfish_secret']
For what I understand, this value will be used to encrypt cookies. And the documentation gives a default value that I can enter to avoid warnings http://localhost/phpmyadmin/doc/html/config.html#cfg_blowfish_secret
This works very well, I however am concerned about choosing a supposed “secret” by a value I found on the web and I am worried about potential security breach.
I found another mention of a value I could put as secret https://askubuntu.com/questions/947805/how-to-upgrade-phpmyadmin-revisited (even if this value is not exactly 32bits long and generate a new warning).
Can I use this “secret” value without fearing security breach?
And if not how can I generate by myself a secured secret?