Salting
What is Salting?
Salting is the practice of adding a unique, random value to data before hashing it, most commonly when storing passwords. A salt makes identical inputs produce different hashes, which helps prevent rainbow table attacks and reduces the damage of password hash leaks.
Examples
- Two users choose the same password, but because each password is salted, their stored password hashes are different.
- A breached database contains salted password hashes, making precomputed rainbow tables ineffective.
Discover 🔎
When a database of password hashes is stolen, attackers often try to crack those hashes offline. If the system used unsalted hashes, attackers can use precomputed lists to crack huge numbers of passwords quickly, especially common ones. Salting is a simple idea that blocks that shortcut. It makes every stored hash unique, even when users pick the same password.
Summary 📝
Salting adds a unique random value to data before hashing, most commonly for password storage. It ensures identical passwords do not produce identical hashes and prevents attackers from using rainbow tables effectively. Salting improves security, but it must be paired with slow password hashing algorithms to significantly reduce brute-force cracking speed.
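The following added example (not part of the original page) stores the same password for two users, first as an unsalted fast hash and then with a per-user salt and a slow key-derivation function, and checks each set of stored values against a table precomputed from common passwords. The user names, passwords, word list and the PBKDF2 iteration count are constructed for the demonstration.

```python
from __future__ import annotations
import hashlib
import hmac
import os

# Constructed sample data: two users who picked the same password.
USERS = {"alice": "sunshine1", "bob": "sunshine1"}
COMMON_PASSWORDS = ["123456", "password", "sunshine1", "qwerty"]
ITERATIONS = 600_000  # assumed demo value; tune the work factor for your hardware

def unsalted_hash(password: str) -> str:
    """The weak scheme: a fast hash with no salt."""
    return hashlib.sha256(password.encode()).hexdigest()

def salted_hash(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Per-user random salt plus a slow KDF. Returns (salt, derived_key)."""
    salt = os.urandom(16) if salt is None else salt
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key

def verify(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = salted_hash(password, salt)
    return hmac.compare_digest(candidate, stored)

def precomputed_hits(leaked: dict[str, str]) -> list[str]:
    """Users whose leaked hash appears in a table built once, without any salt."""
    table = {unsalted_hash(p) for p in COMMON_PASSWORDS}
    return sorted(user for user, digest in leaked.items() if digest in table)

def demo() -> dict:
    unsalted = {u: unsalted_hash(p) for u, p in USERS.items()}
    salted = {u: salted_hash(p) for u, p in USERS.items()}
    salted_hex = {u: key.hex() for u, (_, key) in salted.items()}
    return {
        "unsalted_identical": unsalted["alice"] == unsalted["bob"],
        "salted_identical": salted["alice"][1] == salted["bob"][1],
        "table_hits_unsalted": precomputed_hits(unsalted),
        "table_hits_salted": precomputed_hits(salted_hex),
        "alice_verifies": verify("sunshine1", *salted["alice"]),
        "wrong_rejected": not verify("sunshine2", *salted["alice"]),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The salt is stored next to the derived key and is not secret; its job is to make each stored value unique, while the iteration count is what slows down each guess.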