Topics
Tags
Favorite Links
Translate
Pick Your Language
Security Books
Archives
Recent entries...
Twitter
Sponsored Ads
Popular Pages
Sponsored Ads
The Web Security Mailing List

« Why publishing exploit code is *generally* a bad idea if you're paid to protect | Main | New Site Addressing Python Security »

A reminder as to why using random salts is a good idea

I came across a post on stackoverflow that I felt was worth mentioning. The person was wanting to hash user passwords and implement per user salting. A response by Dave Sherohman provided a good overview as to why using random salts (instead of just using the user's username) is a good idea. If you've been tasked with storing user passwords this page gives a good overview into the subject.

URL: http://stackoverflow.com/questions/536584/non-random-salt-for-password-hashes/536756#536756

Posted by Robert A. on 07/19/2010 in Cryptography , Defense , Development | Permalink | Reddit

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!


Post a comment







Remember personal info?


Copyright 2000-2009 CGISecurity.com | Privacy Policy| java mailing list| resolve ip| Mailing Lists | Sony deals