diff --git a/inc/mod/auth.php b/inc/mod/auth.php
index 42f34196..16da26a2 100644
--- a/inc/mod/auth.php
+++ b/inc/mod/auth.php
@@ -69,8 +69,14 @@ function test_password($password, $salt, $test) {
 }
 
 function generate_salt() {
-	// 128 bits of entropy
-	return strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
+	// mcrypt_create_iv() was deprecated in PHP 7.1.0, only use it if we're below that version number.
+	if (PHP_VERSION_ID < 70100) {
+		// 128 bits of entropy
+		return strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
+	}
+
+	// Otherwise, use random_bytes()
+	return strtr(base64_encode(random_bytes(16)), '+', '.');
 }
 
 function login($username, $password) {