Does salt hashing help?

Question

Does salt hashing help?

I thought a lot about how to further protect my web application from brute force attacks and all security. I know that we can store our salt value in text form, and we still have good security.

Will there be a hash of our salt value, add more security to the web application or is it a waste of time and resources on the server?

+4

security hash salt

Traven May 07 '14 at 6:00

source share

3 answers

nbanic · Answer 1 · 2014-05-07T06:05:32+0000

In the end, you must concatenate the password and salt value, so you need to have the original salt value. If you hash the salt value, you no longer have the original value, since hashing is a one-way function, so I don't think salt hashing would be useful (if I understood your question correctly).

Ophidian · Answer 2 · 2014-05-07T06:07:32+0000

The purpose of the salt is to prevent hackers from accessing the password through pre-calculated rainbow tables. The only way to get the password then (assuming a good hashing algorithm is used) is brute force, which will be equally long if the salt is encrypted or not.

martinstoeckli · Answer 3 · 2014-05-07T08:07:39+0000

, .

- , , .

If you haveh the salt and then use this salt hash to hash the password, you only exchange the salt. You will need to store the salt hash in the database, and it acts like the original salt. Time to hash the salt you spend better by doing more iterations when hashing passwords.

Does salt hashing help?

More articles: