Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Using a salt value
Top Forums Programming Using a salt value Post 302712195 by AimyThomas on Tuesday 9th of October 2012 12:07:00 AM
Old 10-09-2012
Using a salt value
Hi,

I've been reading up on using a salt value when creating a password to make it more secure, what I can't get my head round is how do you remember this salt value?

I'm guessing that when a user logs in to be able to compare the password entered with the one in the database you would need to again add the salt value to the entered password.

Am I missing something really obvious?

Thanks in Advance
 

5 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

What is "salt character" and what does it do?

Hi, lads. Good day. I have one question to ask. I read on the Internet, for the SUSE system, the password is encrypted into 13 characters, and the first 2 characters are called salt characters? Is there any special meaning for salt? Why we need these salt characters? And, I have a look at... (1 Reply)
Discussion started by: yjck71
1 Replies

2. UNIX for Dummies Questions & Answers

Increase salt size

Unix protect its password by using salt It that mean larger the salt size the more secure? if the salt size increase greatly, will the password still able to be cracked? thank you for helping (1 Reply)
Discussion started by: cryogen
1 Replies

3. Programming

4-Byte Salt (in hex) to Integer

If i have a salt that looks like this 'CFDB024F' (in hex) would the integer value be '3487236687' ? Is that correct? (1 Reply)
Discussion started by: cbreiny
1 Replies

4. OS X (Apple)

Question about openSSL and Salt

Hey all, i have an application i am developing and i would like to use the OpenSSL des3 encryption, the only problem i am having is when i need to input the second key verification. Heres what i have so far openssl des3 -salt -in /tmp -out pwenc.z | echo 1111 usually for password verification... (0 Replies)
Discussion started by: code_monkey
0 Replies

5. Cybersecurity

Wordpress and Joomla hash and salt

I would like to know where the hash and salt are in Wordpress and Joomla hashes? For example: In this wordpress hash P$BTBCNLQpY5CWWQ6XC4WJ6IPJQ877s3 where the salt is? In this Joomla hash $2y$10$io60pn4npWCRWwg4308pB.4rLmfz.vFwzxzYmX6W48Ff7wTi7ZEMO where the salt is? For example (source... (1 Reply)
Discussion started by: freeroute
1 Replies

LEARN ABOUT SUSE

md5crypt

md5crypt(n)						   MD5-based password encryption					       md5crypt(n)

__________________________________________________________________________________________________________________________________________________

NAME

       md5crypt - MD5-based password encryption

SYNOPSIS

       package require Tcl  8.2

       package require md5  2.0

       package require md5crypt  ?1.1.0?

       ::md5crypt::md5crypt password salt

       ::md5crypt::aprcrypt password salt

       ::md5crypt::salt ?length?

_________________________________________________________________

DESCRIPTION

       This  package  provides	an implementation of the MD5-crypt password encryption algorithm as pioneered by FreeBSD and currently in use as a
       replacement for the unix crypt(3) function in many modern systems. An implementation of the closely related Apache MD5-crypt is also avail-
       able.  The output of these commands are compatible with the BSD and OpenSSL implementation of md5crypt and the Apache 2 htpasswd program.

COMMANDS

       ::md5crypt::md5crypt password salt
	      Generate a BSD compatible md5-encoded password hash from the plaintext password and a random salt (see SALT).

       ::md5crypt::aprcrypt password salt
	      Generate an Apache compatible md5-encoded password hash from the plaintext password and a random salt (see SALT).

       ::md5crypt::salt ?length?
	      Generate a random salt string suitable for use with the md5crypt and aprcrypt commands.

SALT

       The salt passed to either of the encryption schemes implemented here is checked to see if it begins with the encryption scheme magic string
       (either "$1$" for MD5-crypt or "$apr1$" for Apache crypt). If so, this is removed. The remaining characters up to the next $ and  up  to  a
       maximum	of  8  characters  are then used as the salt. The salt text should probably be restricted the set of ASCII alphanumeric characters
       plus "./" (dot and forward-slash) - this is to preserve maximum compatability with the unix password file format.

       If a password is being generated rather than checked from a password file then the salt command may be used to generate a random salt.

EXAMPLES

       % md5crypt::md5crypt password 01234567
       $1$01234567$b5lh2mHyD2PdJjFfALlEz1

       % md5crypt::aprcrypt password 01234567
       $apr1$01234567$IXBaQywhAhc0d75ZbaSDp/

       % md5crypt::md5crypt password [md5crypt::salt]
       $1$dFmvyRmO$T.V3OmzqeEf3hqJp2WFcb.

BUGS, IDEAS, FEEDBACK
       This document, and the package it describes, will undoubtedly contain bugs and other problems.  Please report such in the category md5crypt
       of the Tcllib SF Trackers [http://sourceforge.net/tracker/?group_id=12883].  Please also report any ideas for enhancements you may have for
       either package and/or documentation.

SEE ALSO

       md5

KEYWORDS

       hashing, md5, md5crypt, message-digest, security

COPYRIGHT

       Copyright (c) 2003, Pat Thoyts <patthoyts@users.sourceforge.net>

md5crypt							       1.1.0							       md5crypt(n)
All times are GMT -4. The time now is 05:12 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy