Originally Posted by acid_kewpie
If you have a password hash then the point would be that you can take that hash and match it against existing lists of hash / plaintext pairs. When you also have a pseudo random salt involved, then that hash is vastly obscenely astonishingly less likely to be able to be found in a dictionary.
number of MD5 strings for "password" = 1
number of MD5 strings for "password4847d9d", "password84d83uj" etc... = oooh loads.
Does that make sense?
I think so. So the point of the salt is that it's very unlikely that a pre-computed table of hashes for a given string has already been created for that salt, right? That means the attacker would have to manually create a table with all possible hashed passwords+that salt.
But why not store the salts that were used to generate user passwords separately so that even if the file with the hashed passwords is compromised, the attacker still has to do some work to acquire the salts? Not worth the extra effort given how long it will take the attacker to create the hash table/reverse-engineer the password even if he has the salt?
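
An added example, not part of either post: the lookup discussed in this thread, using MD5 over password+salt as in the quoted post. The wordlist, the 8-byte random salt and all function names are assumptions made for the illustration.

```python
import hashlib
import os

# Constructed sample data: a tiny wordlist standing in for a published
# dictionary of hash / plaintext pairs.
WORDLIST = ["123456", "password", "letmein", "qwerty"]


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def build_table(words, salt: bytes = b"") -> dict:
    """Map hash -> plaintext for every word, hashed as word + salt."""
    return {md5_hex(w.encode() + salt): w for w in words}


def store(password: str, salt: bytes = b"") -> str:
    """What the server keeps for one user: MD5(password + salt)."""
    return md5_hex(password.encode() + salt)


def demo() -> dict:
    # Built once with no salt; reusable against every unsalted hash file.
    unsalted_table = build_table(WORDLIST)

    # Two users choose the same password; each record gets its own salt.
    salt_a, salt_b = os.urandom(8), os.urandom(8)
    rec_plain = store("password")
    rec_a = store("password", salt_a)
    rec_b = store("password", salt_b)

    # A table rebuilt for salt_a only helps against records using salt_a.
    table_for_a = build_table(WORDLIST, salt_a)
    return {
        "unsalted_lookup": unsalted_table.get(rec_plain),
        "salted_in_unsalted_table": unsalted_table.get(rec_a),
        "same_password_same_hash": rec_a == rec_b,
        "a_in_table_for_a": table_for_a.get(rec_a),
        "b_in_table_for_a": table_for_a.get(rec_b),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Even with the salt known, the table has to be rebuilt for each distinct salt, so the precomputed work cannot be shared across users or reused from an existing dictionary.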