+ 1
Hashes and Salts in Python
If I hash a password, then I add a salt to it, then store it to the database, it creates a hex for the hash and a hex for the salt, and the end result is a long hex as the whole password in the database? Doesn't that create a duplicate password? What if I want to reverse to the original password? What will the salt part become, if the hash part will become the original password? How do you log in to that system with your password if it will add on a random salt when you are logging in? Won't it compare two different passwords?
1 Answer
+ 2
As I remember, you save the salt without encryption with the hashed password and salt in the database. If you want to check if your password is correct, you hash the password with the salt and compare it with the saved hashed value in the database. The reason is that you can't just create a rainbow table and know every password in the whole database. Instead you would have to create rainbow tables for every salt value, so you can only use the whole rainbow table for one password.
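
The scheme described in the answer, as an added example that is not part of the original thread: the salt is generated once at registration, stored in the clear next to the hash, and reused at login to recompute the hash. PBKDF2-HMAC-SHA256, the iteration count and the `iterations$salt$hash` record layout are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256
SALT_BYTES = 16       # assumed salt length


def hash_password(password: str) -> str:
    """Registration: return 'iterations$salt_hex$hash_hex' for one database column."""
    salt = os.urandom(SALT_BYTES)  # fresh random salt per password, not secret
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Login: recompute the hash with the STORED salt, never a new random one."""
    try:
        iterations_s, salt_hex, hash_hex = stored.split("$")
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, int(iterations_s)
        )
    except (ValueError, OverflowError):
        return False  # malformed record: treat as a failed login
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Constructed sample input: two users who picked the same password.
    alice = hash_password("correct horse")
    bob = hash_password("correct horse")
    print(alice)
    print(bob)
    print("records differ:", alice != bob)  # different salts, different hashes
    print("alice login ok:", verify_password("correct horse", alice))
    print("wrong password:", verify_password("wrong guess", alice))
```

Nothing is ever reversed: the original password is not recoverable from the record, and login works because the same password plus the same stored salt always produces the same hash.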