Question about Salts
Posted: Sun Jun 29, 2008 6:46 pm
Hi, I'm new to php abd was reading about salts and hashes.
As I understand it, the reason for a salt is to make it harder for someone to crack a hashed password in the event they manage to steal that hash. But if you store the salt in a database as well, then couldn't the person who stole the password simply steal the salt also, and then what would be the point of it.
This is probably a really stupid question, I think I'm missing something that is preventing me from understanding it.
Any help would be apreciated.
As I understand it, the reason for a salt is to make it harder for someone to crack a hashed password in the event they manage to steal that hash. But if you store the salt in a database as well, then couldn't the person who stole the password simply steal the salt also, and then what would be the point of it.
This is probably a really stupid question, I think I'm missing something that is preventing me from understanding it.
Any help would be apreciated.