[eluser]wowdezign[/eluser]
Is this true,
Quote:Rick Jolly -
But creating a rainbow table for each known salt is not hard or time consuming. Let’s say you have a dictionary of 1 million common passwords. If you have the salt, you can md5 the entire dictionary with the salt in about 30 seconds using php.
or is this true?
Quote:n0xie -
That’s not how salting works. The point is that it is irrelevant what the salt is. The only reason to use salts is to prevent the generated hash from being predictable. So even if they have the salt, generating rainbow tables would still take too long. So saving the salt in the database is not an issue.
Because that has a bearing on the correct answer.
