Questions tagged [saltedhash]

72 questions
61
votes
7 answers

What exactly is a rainbow attack?

I was reading a few articles on salts and password hashes and a few people were mentioning rainbow attacks. What exactly is a rainbow attack and what are the best methods to prevent it?
Dusty
45
votes
7 answers

Hashing in SHA512 using a salt? - Python

I have been looking through the hashlib documentation but haven't found anything talking about using salt when hashing data. Help would be great.
RadiantHex
16
votes
3 answers

Hashing and Salting Passwords with Spring Security 3

How can I hash passwords and salt them with Spring Security 3?
kamaci
12
votes
3 answers

What is the purpose of the "salt" when hashing?

Ok, I’m trying to understand the reason to use salt. When a user registers I generate a unique salt for him/her that I store in DB. Then I hash it and the password with SHA1. And when he/she is logging in I re-hash it with sha1($salt.$password). But…
Krzysztof
11
votes
1 answer

why does compareSync not need salt string?

I am trying to use bcryptjs to generate hash of user passwords. However I am a bit confused in one matter. Conventionally, according to this article, we need to: keep the salt of our password hash relatively long and unique, hash the user password…
Pravin
5
votes
1 answer

Pure-ftpd and Postgresql Auth with password salt

I've recently begun the task of setting up a PureFTP server. At work we use Postgresql 8.4. The schema essentially boils down to, username text password character(40) password_salt text The password is stored as hash of sha1(…
Evan Carroll
5
votes
2 answers

Do I need to Salt and Hash a randomly generated token?

I'm using Adam Griffiths's Authentication Library for CodeIgniter and I'm tweaking the usermodel. I came across a generate function that he uses to generate tokens. His preferred approach is to reference a value from random.org but I considered…
wag2639
4
votes
4 answers

How to design system to allow migration of encryption?

I want to set up a system where I am allowed to migrate encrypted passwords (hashed passwords) from one system to another. How would I do this? Say 2 months down the line, I found an encryption that is 10 times better and the current hash function has…
Chun ping Wang
4
votes
1 answer

Trying to understand salting and hashing passwords in Ruby on Rails

I'm walking through Michael Hartl's book (awesome, free resource, btw, thanks Michael!) and I have a question about salting and hashing passwords. The point of salting a password is to prevent a hacker from performing a rainbow attack, which if I…
BeachRunnerFred
3
votes
2 answers

Spring security password hash + salt

I am working with a legacy application that stored passwords in plaintext. I have ported the application to spring 3 mvc + security. I have also successfully gotten spring security handling the authentication and authorization using sha256 + a salt…
vikash dat
3
votes
2 answers

How does Unix SALT help protect passwords?

I was in class the other day and we were talking about Unix SALT and how it makes the passwords much harder to guess. My issue is that the SALT is stored in plaintext right next to the hashed password so how could this make it more secure? I mean…
tpar44
3
votes
0 answers

PySpark - Salting an inner join in the presence of skew

I am using an inner join to generate record comparisons, for the purpose of deduplicating data. I would like to salt these joins so that record comparisons are more equally distributed in the presence of skew. What follows is a very simple…
RobinL
3
votes
1 answer

Scrambling a salted password before hashing. Good idea?

I'm updating an old classic ASP site and I need to store passwords, so naturally I'm being a bit over cautious about how to go about this given the limitations of Classic ASP. I'm using both a salt and a pepper (the pepper is a constant stored on the…
Adam
3
votes
2 answers

Hashing vs Database Lookup Efficiency

I'm intending on using a hash to generate a verification token for verifying email addresses. The hash would be generated like so: email:username:salt The hash is generated with the SHA256 algorithm and the same salt is used for each token…
Matt Brown
2
votes
9 answers

why salt did not help when using dictionary attack

From this site http://codahale.com/how-to-safely-store-a-password/: "It's important to note that salts are useless for preventing dictionary attacks or brute force attacks." If salt is useless for preventing dictionary attacks, why use salt?
Adam Lee