[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Fw: Salted hashes

To: openldap-technical@openldap.org
Subject: Re: Fw: Salted hashes
From: Marc Haber <mh+openldap-technical@zugschlus.de>
Date: Tue, 18 Mar 2014 16:10:01 +0100
Content-disposition: inline
In-reply-to: <OF5E5D2DD5.1B8A364E-ON86257C9F.00516EDC-86257C9F.005165E0@LocalDomain>
References: <OF5E5D2DD5.1B8A364E-ON86257C9F.00516EDC-86257C9F.005165E0@LocalDomain>
User-agent: Mutt/1.5.21 (2010-09-15)

On Tue, Mar 18, 2014 at 09:49:36AM -0500, espeake@oreillyauto.com wrote:
> I have been doing some reading on the salted hash and I know that I never
> setup a salt for servers.  We are doing some documentation for our security
> people and the question came up about the salt and if it differs for each
> user, or if the same salt is used?

The basic idea of a salted hash is that the salt is different for
every user so that a rainbow table of hashes is only useful for a
single password.

Usually, the salt is randomized when a hash is generated.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 31958062

Follow-Ups:
- Re: Fw: Salted hashes
  - From: espeake@oreillyauto.com

References:
- Fw: Salted hashes
  - From: espeake@oreillyauto.com

Prev by Date: Fw: Salted hashes
Next by Date: Re: Fw: Salted hashes
Index(es):
- Chronological
- Thread