Salt (Password Hashing)
A salt is random data added to passwords before hashing to prevent rainbow table attacks.
Updated: 2026-03-05
Definition
A salt is a unique random value stored with a password hash. It ensures that identical passwords produce different hashes.
Salts defend against precomputed attacks (like rainbow tables) and reduce the impact of password reuse.
Key points
- A unique salt per password is best practice
- Stored alongside the hash (not secret)
- Still use slow hashing algorithms (e.g., bcrypt/Argon2)
Common mistakes
- Using one global salt for all users (weaker than a unique salt per password).
- Using fast hashing algorithms for passwords.