Y
Hacker News
new
|
ask
|
show
|
jobs
by
davb
3956 days ago
If they hashed PASSWORD + USER_SPECIFIC_SALT + SITE_SALT, storing USER_SPECIFIC_SALT in the user table and SITE_SALT in the application config, both data and site config would have to be leaked.