Security 105: Seasonings (or Salts and Peppers)
What on earth is a salt? And why are you using the word as if it’s a definite article instead of the normal “pass the salt, please”?
A salt is a randomly generated sequence of letters and numbers, which are coupled with another input (in this case the user’s password) and entered into a one-way formula (i.e. a hash is taken of the entire coupling). The result of this one-way formula is then stored in the database, in place of the password (and alongside the salt). This combination extends the users’ password to such a length that an effective rainbow table would need to be gigantic. More →