Password Salting

What is Password Salting?

Password salting is a technique for protecting passwords stored in databases: a random string of 32 or more characters (the salt) is added to each password before it is hashed. Salting prevents attackers who breach an enterprise environment from recovering the original passwords from the hashes stolen out of the database.

Password salting increases the effective complexity of each password and makes every stored hash unique, without affecting the user experience. It also helps prevent precomputed hash-table attacks and slows down brute-force and dictionary attacks.

Password hashing and why salting is required

Hashing keeps passwords from being exposed or stolen by threat actors because they are never stored in plaintext. For example, when a user creates an account with a username and password on a website, the password is hashed and only the resulting hash is written to the site's internal storage.

When a user logs in, the entered password (together with that user's stored salt) is run through the same one-way hashing algorithm, which converts it into a different and unrecognizable string of characters. This string is then compared with the hash stored in the website's database. If it matches the stored hash, the user gains access to the account; if it does not, hash verification fails and the user cannot log in.


