Hacker News new | past | comments | ask | show | jobs | submit login

Salts, done properly, vary per user not per server.



but I'm assuming that if they have the code base, the plaintext user names (emailaddys) and the salted password, then they would have whatever the per user salt is.


Right, but if the salt varies per user, then you end up doing a bruteforce on each user's password; it's no longer a precomputation attack. There are no "Rainbow tables" in this case.

However, if you find Hale's bcrypt page (http://codahale.com/how-to-safely-store-a-password/) convincing, and I do, salting really doesn't matter because with modern GPUs you can bruteforce a reasonably-sized alphanumeric password, if the hash algorithm is a general-purpose (read: fast) one.

The solution is not salt, the solution is to use a purposely slow hash function.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: