is there point in salting password?
if program processing of salt server side make more difficult brute force or other attack. code going apply salt whatever entered user.
do have wrong?
yes, there point in salting password.
the point each password has own salt, attacker can't make use of dictionaries , rainbow tables brute force passwords @ once.
the salt doesn't make harder crack single password¹, removes benefit attempting crack multiple passwords @ once. attacker has brute force 1 password @ time.
¹ @ least not enough reason use it. using better passwords works better.
Comments
Post a Comment