Hash and salt passwords in C#
I was just going through one of DavidHayden’s articles on Hashing User Passwords. Really I can’t get what he is trying to achieve. … Read more
salt
Do I need to store the salt with bcrypt?
bCrypt’s javadoc has this code for how to encrypt a password: String pw_hash = BCrypt.hashpw(plain_password, BCrypt.gensalt()); To check whether a plaintext password matches … Read more
How does password salt help against a rainbow table attack?
I’m having some trouble understanding the purpose of a salt to a password. It’s my understanding that the primary use is to hamper … Read more
Where do you store your salt strings?
I’ve always used a proper per-entry salt string when hashing passwords for database storage. For my needs, storing the salt in the DB … Read more