> > Can anyone explain to me why a salt is really a good idea
> I believe the original purpose was to make it less obvious whether two
> Unix users had the same password.
Ah, plus, as was also pointed out, the attacker cannot precompute a
dictionary attack -- she must do a dictionary attack PER PASSWORD, not per
This all makes sense. Conclusion: Salt is good. Random salt is best. Any
salt is better than no salt. Thanks for clarifying it, everyone.
Senior Database Architect
In response to
pgsql-admin by date
|Next:||From: Brickley Jeff-RA9607||Date: 2002-08-22 16:02:23|
|Subject: gcc compile flags|
|Previous:||From: Jai||Date: 2002-08-22 14:38:41|
|Subject: Re: Users ip|