Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
H
H
hckn2018-09-15 19:32:18
Node.js
hckn, 2018-09-15 19:32:18

Why store salt in a database and how to use it?

In the database, I store hashes created using bcrypt(Node.js)
Hashing occurs using a specific value salt.
I meet in code examples that people store in the database, in addition to the hash itself, the salt value. What for?
Well, let's say an attacker got a database with hashes, picked up a salt, and started cracking passwords (do I understand the process correctly?). How will storing the value and changing the salt help me? After all, if I change the salt, the hash will also become different, and my entire hash database will become invalid.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
SagePtr, 2018-09-15
@hckn

Depending on the format in which your function returns the hash, if it already contains a salt, then storing it separately does not make any sense. If we allow you to use this package to calculate and verify the hash, then the hash received there already contains a salt.

Similar questions
K
kotepdag2020-03-12 10:18:59
Where to use camelCase and where snake_case? 2Reply
V
Vyacheslav2017-08-26 12:31:16
What if you need to change the module received through npm? 1Reply
V
Vladimir Golub2020-01-29 17:55:00
What is the best use for authentication if user data can change at any time? 1Reply
V
Vladimir Golub2020-01-30 16:31:21
Is it possible to use other controllers in controllers? 2Reply
Z
zwezew2017-08-29 19:21:01
How to fix an error when installing PUG? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question