3

I've been doing some research about securely storing passwords in a database. It is generally suggested that you use a salt. As explained in one of the answers in Secure hash and salt for PHP passwords, this changes the value of hashes, making a password more difficult to compromise.

As part of the verification mechanism, the password entered by the user is combined with the salt and hashed as needed. Given that the salt is transparent to the user, how does using salt provide any added benefit?

As I see it, with or without hashing, the same password will successfully authenticate you, because the plumbing that makes it different will take place behind the scenes. That is why none of the articles I've read so far have clarified things.

Community
  • 1
  • 1
Gigi
  • 28,163
  • 29
  • 106
  • 188

2 Answers2

5

consider a scenario, where you accept a password from you user and you are sending it over network or storing in database as plain-text.

if your user enters a password say 6-8 characters long. A hacker may have pre-generate hashes for all possible strings of 6-8 characters length and he can possibly deduce the password, by comparing it with your hash.(Matching your hash against all the pre-generates hashes, he can get a set of possible candidates,if collision occurs)

But if you append a salt of say 30 chracters to his plain-text password and then hash it. it becomes very difficult for any hacker to pre-generate all the possible combinations of that range. That is the main reason why we use a salt.

You cant restrict every user to input a 30 character long password for security purposes. if any user chooses a 4 char length password, just add 30 char salt and make it more secure.

Rajesh Pantula
  • 10,061
  • 9
  • 43
  • 52
  • 1
    This is mostly right, but adding a 30 char salt to a 4 char password doesn't really help all that much. The salt is there to make any password calculation unique so an attacker that obtains the hashes cannot use a precomputed table. However the salt is not encrypted. In an SQL dump the SALTs would be in plain. So cracking a four char password is still really simple. Because there only four characters to guess. The amount of security it adds is negligible. – Erlend Dec 21 '11 at 22:20
  • @Eriend - yes, salting adds little security to a 4 character password. But it does with a larger password. The security is not in cracking an individual password. That's still going to be in brute force time. The security is that if I use the same password with 50 different websites which all use different salts, even if you managed compromise one website and figure out my plaintext password and the corresponding hash, you would not be able to then compare that hash to the hashes stored at other sites - you'd need to compromise/brute force them as well. – iheanyi Jul 16 '14 at 00:32
  • Without salt, once the plaintext for a known hash is found, you can compromise anyone whose password happens to have the same has without any further effort. Salt is more about protecting everyone else from one dummy's mistake. Of course, if after compromising the initial site, you assumed I used the same password - you'd be golden. But, if there was no direct way to associate various accounts at different sites directly to me, then an attacker would still have a lot of work to do. – iheanyi Jul 16 '14 at 00:34
4

Salted passwords reduce the probability that a rainbow table will already have the salted password's hash contained in it.

Mike Daniels
  • 8,582
  • 2
  • 31
  • 44
  • 1
    Assuming a suitable salt (large and random) and hash algorithm that is not susceptible to brute-force (SHA-1 is *too fast*). But yes, quite the primary purpose of a salt... it's definitely not designed to be "secret" (at least no more than the hash it salts :) –  Dec 21 '11 at 21:20
  • 1
    Are the rainbow tables based on typical dictionary-based passwords, or are they computed through the hash itself? – Gigi Dec 21 '11 at 21:24
  • rainbow tables are basically pre-generated hashes using the same hash function. for a string of length say 4, all 4 character length combinations are generated and passed through the same hash function and stored. if in future you get any hash of 4 char length, then you will just lookup in the table for possible candidates. – Rajesh Pantula Dec 21 '11 at 21:42