[eluser]SpooF[/eluser]
Haha no, I understand. However, you guys shouldn't really be talking about source code in this though. Once you have the source code of anything there really isn't anything you can do.
Lets say you have a mutating algorithm so every time you run this algorithm on a users supplied password the hash is different. This would make it almost impossible to find the users password. However, if the hacker had access to this mutating algorithm all that work is gone because he/she now knows how your passwords are encrypted. It makes it extreme difficult, but theres always going to be a way around it if you have the source code. What makes salts extreme effective is that the hacker doesn't know how your using them. Once they know its all over.
Focus on protecting your database and your code. After that a simple salt is all you need.
