Using only hashes makes it possible to use what’s called a rainbow table (essentially a database of common passwords hashed related to their plain-text values) to crack the hashed passwords if they’re somehow retrieved from the database. A salt is a separate value, usually unique to each user, that is appended or prepended to the password prior to hashing it. That makes it much harder to crack the password, even if you have the hash in hand.
What is salting in this context?
Using only hashes makes it possible to use what’s called a rainbow table (essentially a database of common passwords hashed related to their plain-text values) to crack the hashed passwords if they’re somehow retrieved from the database. A salt is a separate value, usually unique to each user, that is appended or prepended to the password prior to hashing it. That makes it much harder to crack the password, even if you have the hash in hand.
Ah, makes sense. You are an excellent communicator, I really appreciate it.
Anytime, and I appreciate the compliment so thanks!