6

Possible Duplicate:
What is the optimal length for user password salt?

I tried to find the answer to this question on Stack Overflow without any success.

Let's say I store passwords using SHA-1 hash (so it's 160 bits) and let's assume that SHA-1 is enough for my application. How long should be the salt used to generated password's hash?

The only answer I found was that there's no point in making it longer than the hash itself (160 bits in this case) which sounds logical, but should I make it that long? E.g. Ubuntu uses 8-byte salt with SHA-512 (I guess), so would 8 bytes be enough for SHA-1 too or maybe it would be too much?

Community
  • 1
  • 1
Juliusz Gonera
  • 4,658
  • 5
  • 32
  • 35
  • Why do you want to use SHA-1 and not a real password hashing function like bcrypt/scrypt? – Venge Jan 06 '14 at 06:27

1 Answers1

1

Current standards suggest a 16 char-length salt http://en.wikipedia.org/wiki/Crypt_%28Unix%29#SHA-based_scheme

Also this question has been asked before :)

Community
  • 1
  • 1
Tom Gullen
  • 61,249
  • 84
  • 283
  • 456
  • Heh, it's true. I wonder however how you found it. I tried http://stackoverflow.com/search?q=password+salt+length and http://stackoverflow.com/search?q=optimal+password+salt+length and it's certainly not on the first page. Anyway, the question remains unanswered. The link to Wikipedia you provided (and is also provided in the other question) does not say anything about 16 char long salt. The longest salt mentioned there is 24 bit "BSDi extended DES-based scheme" – Juliusz Gonera Jun 12 '10 at 13:55