Skip to main content

Home Password salting

Password salting

Password salting definition

Password salting is the practice of adding large-value randomized data (called “salt” in cryptography) to passwords stored in databases. Password salting makes it harder to reverse engineer leaked passwords in the event of a data breach.

Password salting is often used automatically with password hashing (running the plaintext password through a hashing algorithm) to better protect stored passwords. This combination of security measures is called “password hash salting.”

See also: hash chain, file hash, salting, rainbow table attack

How password salting works

Salting adds a random piece of data to the plaintext password before it is run through a hashing algorithm. For example, “password123” might become “password123%kjak(%)” after salting — in this case, “%kjak(%)” is the salt. Because the salt is applied before hashing and is different for each password, identical plaintext passwords produce different results.

Why is password salting used?

Password salting is an important cybersecurity measure against password attacks that manage to get past a database’s outer defenses. Without password salting, even password hashes can be deciphered by hackers using rainbow table attacks and other decryption methods, given enough time.