
1) In the context of bcrypt, does a particular saltRound generate a unique salt?

2) Why is it that we don't need to supply the salt when we compare the 'plaintextpassword' with the 'hash'ed password, as is the case in the following example:

Example from https://www.npmjs.com/package/bcrypt

```javascript
bcrypt.compare(myPlaintextPassword, hash, function(err, res) {
    // res == true
});
```

nawK
  • Possible duplicate of [How does node.bcrypt.js compare hashed and plaintext passwords without the salt?](https://stackoverflow.com/questions/13023361/how-does-node-bcrypt-js-compare-hashed-and-plaintext-passwords-without-the-salt) – Obsidian Age Apr 04 '19 at 03:55

1 Answer


Usually BCrypt implementations generate a unique salt on their own and include it in plaintext in the resulting hash text. The compare function can extract it from there and use the same salt to calculate a comparable hash.

So no, the salt has nothing to do with rounds, and the compare function extracts it from the stored hash. See this answer, explaining the hash format.

martinstoeckli