equal
deleted
inserted
replaced
552 each password. Recall that \pcode{123456} is a popular |
552 each password. Recall that \pcode{123456} is a popular |
553 password that is most likely used by several of your users |
553 password that is most likely used by several of your users |
554 (especially if the database contains millions of entries). If |
554 (especially if the database contains millions of entries). If |
555 we use no salt or one global salt, all hash-values will be the |
555 we use no salt or one global salt, all hash-values will be the |
556 same for this password. So if a hacker is in the business of |
556 same for this password. So if a hacker is in the business of |
557 cracking as much passwords as possible, then it is a good idea |
557 cracking as many passwords as possible, then it is a good idea |
558 to concentrate on those very popular passwords. This is not |
558 to concentrate on those very popular passwords. This is not |
559 possible if each password gets its own salt: since we assume |
559 possible if each password gets its own salt: since we assume |
560 the salt is generated randomly, each version of \pcode{123456} |
560 the salt is generated randomly, each version of \pcode{123456} |
561 will be associated with a different hash-value. This will |
561 will be associated with a different hash-value. This will |
562 make the life harder for an attacker. |
562 make the life harder for an attacker. |