Salt (Cryptography)

A salt is random data added to passwords before hashing to prevent rainbow table attacks and ensure unique hashes.

What is a Salt?

In cryptography, a salt is random data added to input before hashing. For passwords, salting ensures identical passwords produce different hashes, defending against precomputed (rainbow table) attacks.

Why Salts Matter

Without salts, identical passwords have identical hashes, so one precomputed table of hashes for common passwords can be matched against every stored hash at once. Salts make each stored hash unique, even when two users choose the same password, so such a table would have to be rebuilt per salt.

Salt Requirements

  • Length: At least 16 bytes recommended
  • Randomness: Use a cryptographically secure random number generator
  • Uniqueness: Generate a new salt for each password
  • Storage: Store the salt alongside the hash (it is not secret)
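The following added example (not part of the original page) puts the "Why Salts Matter" point and the four requirements above into working Python using only the standard library. It generates a 16-byte salt from `os.urandom`, derives the hash with PBKDF2-HMAC-SHA256, stores the salt next to the digest in a single record string, and verifies a login with a constant-time comparison. The iteration count, the record format and the function names are choices made for this example, not something the page prescribes; an `unsalted_hash` helper is included only to show the behaviour the page warns against.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Example parameters (assumptions for this demonstration, not page-mandated values).
SALT_LEN = 16          # 16 bytes, matching the page's "at least 16 bytes" recommendation
ITERATIONS = 600_000   # PBKDF2 work factor; raise it as hardware gets faster
DKLEN = 32             # derived key (digest) length in bytes
ALGO_TAG = "pbkdf2_sha256"


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest).

    When no salt is supplied a fresh one is drawn from the OS CSPRNG, so two
    calls with the same password yield different salts and different digests.
    Passing the stored salt back in reproduces the original digest.
    """
    if salt is None:
        salt = os.urandom(SALT_LEN)  # cryptographically secure; never random.random()
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS, DKLEN)
    return salt, digest


def encode_record(salt: bytes, digest: bytes) -> str:
    """Store the salt alongside the hash. The salt is not secret, so it can
    sit in the same database column as the digest."""
    return f"{ALGO_TAG}${ITERATIONS}${salt.hex()}${digest.hex()}"


def decode_record(record: str) -> Tuple[int, bytes, bytes]:
    """Split a stored record back into (iterations, salt, digest)."""
    algo, iters, salt_hex, digest_hex = record.split("$")
    if algo != ALGO_TAG:
        raise ValueError(f"unsupported record format: {algo}")
    return int(iters), bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    iters, salt, expected = decode_record(record)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iters, len(expected))
    return hmac.compare_digest(candidate, expected)


def unsalted_hash(password: str) -> bytes:
    """The pattern the page warns against: the same password always maps to
    the same digest, so one precomputed table covers every account."""
    return hashlib.sha256(password.encode("utf-8")).digest()


if __name__ == "__main__":
    # Constructed sample input for the demonstration.
    pw = "correct horse battery staple"

    salt_a, digest_a = hash_password(pw)
    salt_b, digest_b = hash_password(pw)
    print("same password, different salts -> different digests:", digest_a != digest_b)
    print("same password, no salt       -> identical digests:",
          unsalted_hash(pw) == unsalted_hash(pw))

    record = encode_record(salt_a, digest_a)
    print("stored record:", record)
    print("login with correct password:", verify_password(pw, record))
    print("login with wrong password:  ", verify_password("password123", record))
```

When checking a login the application never needs a secret to do so: it reads the salt out of the stored record, reruns the same derivation, and compares. Everything an attacker gains from reading the record is one salt, which only lets them attack that one account's hash with the full per-guess cost of the KDF.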

Common Misconceptions

  • "Salts must be secret" - Security doesn't depend on the salt being secret; it is stored in the clear next to the hash
  • "Longer salts are always better" - 16+ bytes is sufficient to make every salt unique in practice
  • "One salt for all passwords" - A salt must be unique per password, or identical passwords again share a hash