Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Salt (cryptography)
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Web-application implementations== It is common for a web application to store in a database the hash value of a user's password. Without a salt, a successful [[SQL injection]] attack may yield easily crackable passwords. Because many users re-use passwords for multiple sites, the use of a salt is an important component of overall [[web application security]].<ref>{{cite web |url=http://www.dshield.org/diary.html?storyid=11110 |title=ISC Diary β Hashing Passwords |publisher=Dshield.org |access-date=2011-10-15}}</ref> Some additional references for using a salt to secure password hashes in specific languages or libraries (PHP, the .NET libraries, etc.) can be found in the [[#External links|external links]] section below.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)