1

I am just typing a salt and on php documentations, people always use some random variable function. What is the disadvantage of typing a salt instead of generating it?

Uğur Gümüşhan
  • 2,455
  • 4
  • 34
  • 62
  • Salts just add uniqueness. A sequentially increasing salt is theoretically sufficient. (though it may not be appropriate in certain cases, so I wouldn't recommend that) – tylerl Dec 05 '11 at 23:08
  • If you want to type a globally unique value for each user on your system, then go for it. Else use a crypto-prng. – CodesInChaos Dec 05 '11 at 23:38

2 Answers2

1

  • Why force your users to type something?

  • Randomly generated bytes will have much more entropy that user input (which is typically only alphanumeric ASCII).

SLaks
  • 868,454
  • 176
  • 1,908
  • 1,964
1

The point of salt is to add entropy to the hash. Cryptographic hashes are designed so that a tiny change to the input makes a huge difference in the resulting hash, so (barring a flaw in the algorithm) it becomes impossible to know whether the original input was the same from checking the similarity between two differently salted hashes.

But if you use the same salt for everyone, you lose much of the benefit that provides. Two identical passwords hashed with the same salt will give you the same hash.

  • If you use the same salt for everyone, then at the very least, someone can figure out that two users have the same password.

  • More importantly, it greatly lessens the time someone has to spend to crack passwords, since they can now check the same hash against every user at once.

  • At worst, someone could already have a lookup table for the salt you use, making it trivial to crack every user's password.

While it's possible to use a simple salt (like the user's ID) to achieve the goal of making cracking harder, it's only a tiny bit more effort to use a random string, and makes cracking even harder (since the salt is nearly impossible to predict ahead of time, the chance of having a precomputed lookup table for that salt becomes much lower).

cHao
  • 84,970
  • 20
  • 145
  • 172
  • what's the problem with two users having the same password hashed with the same salt? Can you explain a bit more? – Uğur Gümüşhan Dec 05 '11 at 23:41
  • @Uğur: If the salts are identical, and i know that user 1's password is "foo" and the hash is "a9935f82b3dd92883744924714" or whatever, and that user 2's password hash is "a9935f82b3dd92883744924714", i know i can use the password "foo" to log in as user 2. – cHao Dec 06 '11 at 00:00
  • But you still don't know the password, so it's kind of safe eh? – Uğur Gümüşhan Dec 06 '11 at 00:11
  • @Uğur: "Kind of safe" is *not safe*. This isn't just about protecting access to your little web site; if someone has access to your database, they could already just make themselves admin and not worry about passwords at all. But you don't want your site to be the one some jackass figured out your user's online banking password from (because your user uses the same password everywhere, like most people do). – cHao Dec 06 '11 at 00:21
  • that made me change my database password into some looong text. – Uğur Gümüşhan Dec 06 '11 at 00:24