Hacker News new | ask | show | jobs
by mnw21cam 3583 days ago
That wouldn't really be a proper salt, although technically it would fulfil the purpose of a salt, which is to prevent lookup tables being used.
1 comments
Klathmon 3583 days ago
Oh I agree, but I've seen too many "clever" systems which derive the salt from something like the username or another field or fields in the DB.

Just because there is no obvious salt now doesn't mean it's not there. Only Dropbox knows how it worked at this point.

link
tonicoto 3582 days ago
We will have to wait for a code leak ;-)
link