[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Fw: Salted hashes

To: espeake@oreillyauto.com, openldap-technical@openldap.org
Subject: Re: Fw: Salted hashes
From: Howard Chu <hyc@symas.com>
Date: Tue, 18 Mar 2014 08:18:30 -0700
In-reply-to: <OF5E5D2DD5.1B8A364E-ON86257C9F.00516EDC-86257C9F.005165E0@LocalDomain>
References: <OF5E5D2DD5.1B8A364E-ON86257C9F.00516EDC-86257C9F.005165E0@LocalDomain>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26a1

espeake@oreillyauto.com wrote:


I have been doing some reading on the salted hash and I know that I never
setup a salt for servers.  We are doing some documentation for our security
people and the question came up about the salt and if it differs for each
user, or if the same salt is used?

It would be a poor salt if it was reused for multiple users. If you understandwhy a salt is used, the answer should be obvious.


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

References:
- Fw: Salted hashes
  - From: espeake@oreillyauto.com

Prev by Date: Re: Fw: Salted hashes
Next by Date: Re: Fw: Salted hashes
Index(es):
- Chronological
- Thread