Hacker News new | comments | show | ask | jobs | submit login

There's a reason key derivation functions like PBKDF2 and bcrypt still require a salt as an input.



And there's a reason why high-level libraries like bcrypt handle salt generation and storage internally: if they didn't, people would screw it up. It's amazing how many people blithely use some crazy scheme like

    pwhash = md5("this is my salt" + password)
Progress in password hashing security is primarily progress in making things trivially foolproof and then hectoring people into using them.


Doesn't this crazy scheme protect against brute force when only database is leaked, and "this is my salt" remains secret?




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: