Password salting
Password salting definition
Password salting is the practice of adding large-value randomized data (called “salt” in cryptography) to passwords stored in databases. Password salting makes it harder to reverse engineer leaked passwords in the event of a data breach.
Password salting is often used automatically with password hashing (running the plaintext password through a hashing algorithm) to better protect stored passwords. This combination of security measures is called “password hash salting.”
See also: hash chain, file hash, salting, rainbow table attack
How password salting works
Salting adds a random piece of data to the plaintext password before it is run through a hashing algorithm. For example, “password123” might become “password123%kjak(%)” after salting — in this case, “%kjak(%)” is the salt. Because the salt is applied before hashing and is different for each password, identical plaintext passwords produce different results.
Why is password salting used?
Password salting is an important cybersecurity measure against attacks that manage to get past a database’s outer defenses. Without password salting, even password hashes can be deciphered by hackers using rainbow table attacks and other decryption methods, given enough time.
