I've seen lots of people under the false impression that salts need to be kept secret, and jump through some hoops to do stuff like encrypt salts before storing them. Well intentioned, but misinformed and error prone, and likely indicates that they're not using standard login/password hash libraries and might be doing other things wrong, too.
