
i-am-curious | 5 years ago

Won't you add a seed before hashing? With an 8-byte seed that's 16 effective characters, probably impossible to crack.


__s|5 years ago

By seed you mean salt. Salts are stored in plaintext, so they don't increase the entropy of the password. Instead they make it so that each password hashes uniquely so that everyone with the same password gets different hashes. They also mitigate rainbow tables by effectively requiring the attacker to create a rainbow table per target.

i-am-curious|5 years ago

Yes, I meant salt! AFAIK such fast cracking of hashes is mostly via rainbow tables; salts defeat those easily.

SloopJon|5 years ago

I'm not sure what you mean by a seed. If you mean a salt, that's no more secret than the hash. It has the effect of requiring you to crack each hash separately, but doesn't make it any harder to crack an individual hash.

kohtatsu|5 years ago

You add a salt, which is stored plaintext alongside the password.
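
The points made in the replies above, as an added example that is not code posted by anyone in the thread: a per-account plaintext salt makes identical passwords hash differently and defeats a single precomputed table, but matching one stored hash still takes the same number of guesses. SHA-256, the word list and the two accounts are assumptions constructed for the illustration.

```python
import hashlib
import os

# Constructed sample data: a small candidate list and two accounts sharing a password.
WORDLIST = ["123456", "letmein", "hunter2", "correcthorse"]
ACCOUNTS = {"alice": "hunter2", "bob": "hunter2"}


def digest(password: str, salt: bytes = b"") -> str:
    """SHA-256 over salt || password (assumed hash, used only to show the salt's effect)."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def build_table(words):
    """One precomputed hash -> password table, reusable against every unsalted hash."""
    return {digest(w): w for w in words}


def guesses_to_recover(target: str, salt: bytes, words) -> int:
    """Hash computations needed to match one stored hash when its salt is known."""
    for n, w in enumerate(words, start=1):
        if digest(w, salt) == target:
            return n
    return 0


def demo():
    table = build_table(WORDLIST)
    unsalted = {u: digest(p) for u, p in ACCOUNTS.items()}
    # Each account gets its own random 8-byte salt, stored in plaintext beside the hash.
    salted = {}
    for u, p in ACCOUNTS.items():
        salt = os.urandom(8)
        salted[u] = (salt, digest(p, salt))
    return {
        "unsalted_identical": unsalted["alice"] == unsalted["bob"],
        "salted_identical": salted["alice"][1] == salted["bob"][1],
        "table_hits_unsalted": sum(h in table for h in unsalted.values()),
        "table_hits_salted": sum(h in table for _, h in salted.values()),
        "guesses_unsalted": guesses_to_recover(unsalted["alice"], b"", WORDLIST),
        "guesses_salted": [guesses_to_recover(h, s, WORDLIST) for s, h in salted.values()],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```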