• Dandroid@dandroid.app
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    A server can have per-user salts, which may be migrated together with the hash.

    They better have per-user salt. Otherwise that would defeat the entire purpose of salt, which is to make sure that it isn’t obvious if two users have the same password.