Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Why is it safer to store passwords with a different salt for every password?
As passwords are hashed after being salted, I see no reason to use a different salt.
Is it easier to brute-force the password with a known salt or something? Or do hackers make their own rainbow tables once they know the salt?
Kind regards
If you use only one salt, the hacker only has to rebuild their rainbow tables once and can use them for your entire database. Duplicate passwords will be easier to find, too.
Use individual hashes and an expensive algorithm (bcrypt, scrypt).