|
|
|
|
|
|
by peeters
3667 days ago
|
|
|
It being unique goes most of the way, you're right (though hopefully it actually is unique!). I was being dramatic when I said "not nearly as good". But making the salt easily guessable does allow an attacker to precompute rainbow tables, etc. So if there was a breach and an attacker got a dump of your password hashes, it might mean the difference between you having time to invalidate those passwords or not. Good look at the issue here: http://security.stackexchange.com/questions/41617/do-salts-h... |
|
|