I was wondering if

password_hash("custompassgoeshere", PASSWORD_BCRYPT)

is secure enough for storing passwords in the DB, or if I should add some more SALT to it (I was thinking of something like the user's username/email/date of birth/etc.).

Thanks!


Solution

Bcrypt would be secure enough on its own; ensure that you increase the iterations/cost to something high enough (but not too slow for your server). You may need to test a few values to test for acceptable hashing times.

You do not need to salt your passwords; Bcrypt generates unique salts for each hash automatically and stores them with the hash.

See: How can bcrypt have built-in salts?
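As an added example (not part of the question or the answer above), the following PHP script shows the three points the answer makes: picking a cost by timing it on the current machine, letting password_hash() generate and embed the per-hash salt, and verifying against the stored string. The 250 ms time budget and the pickBcryptCost() helper are assumptions for the example.

```php
<?php
// Added example: bcrypt through PHP's password_hash() API.
// The 250 ms budget below is an assumption; tune it for your own server.

/** Return the lowest bcrypt cost whose hashing time reaches $targetMs. */
function pickBcryptCost(float $targetMs = 250.0, int $min = 10, int $max = 14): int {
    for ($cost = $min; $cost <= $max; $cost++) {
        $start = microtime(true);
        password_hash("benchmark-only", PASSWORD_BCRYPT, ['cost' => $cost]);
        $elapsedMs = (microtime(true) - $start) * 1000;
        if ($elapsedMs >= $targetMs) {
            return $cost;
        }
    }
    return $max;
}

$cost = pickBcryptCost();
$opts = ['cost' => $cost];

// The same password hashed twice yields two different strings: the salt is
// random per call and is stored inside the "$2y$<cost>$<salt><hash>" output,
// so the caller does not append a username, email or anything else itself.
$h1 = password_hash("custompassgoeshere", PASSWORD_BCRYPT, $opts);
$h2 = password_hash("custompassgoeshere", PASSWORD_BCRYPT, $opts);
var_dump($h1 !== $h2);
var_dump(password_verify("custompassgoeshere", $h1));
var_dump(password_verify("custompassgoeshere", $h2));
var_dump(password_verify("wrongpassword", $h1));

// Stored hash from a user row (constructed from $h1 here). If the cost has
// been raised since the row was written, re-hash at login while the
// plaintext is available; password_verify() still reads the old cost from
// the stored string, so old rows keep working until they are upgraded.
$stored = $h1;
$newOpts = ['cost' => $cost + 1];
if (password_verify("custompassgoeshere", $stored)
    && password_needs_rehash($stored, PASSWORD_BCRYPT, $newOpts)) {
    $stored = password_hash("custompassgoeshere", PASSWORD_BCRYPT, $newOpts);
}
var_dump(password_get_info($stored)['options']['cost'] === $cost + 1);
```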

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow