diff --git a/inc/mod/auth.php b/inc/mod/auth.php
index 6dcad3a1..6b4022c9 100644
--- a/inc/mod/auth.php
+++ b/inc/mod/auth.php
@@ -69,7 +69,13 @@ function test_password($password, $salt, $test) {
 }
 
 function generate_salt() {
-	// 128 bits of entropy
+	// mcrypt_create_iv() was deprecated in PHP 7.1.0, only use it if we're below that version number.
+	if (PHP_VERSION_ID < 701000) {
+		// 128 bits of entropy
+		return strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
+	}
+
+	// Otherwise, use random_bytes()
 	return strtr(base64_encode(random_bytes(16)), '+', '.');
 }