[Owasp-codereview] Adding Salt?
zakiakhmad at gmail.com
Tue Mar 3 06:10:18 EST 2009
I don't understand, how we compare hash result from the password
(after it has been concatenate with salt) with the hash value? Isn't
it the user must enter the "salt value" after he/she enter the
password in order to get the same hash value?
hash (password+salt) = qwertyqwerty
But the user never enter the "salt value". CMIIW.
More information about the Owasp-codereview