LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   salt string (https://www.linuxquestions.org/questions/linux-software-2/salt-string-349101/)

balajee 08-02-2005 12:30 AM
salt string
 
Hi,

What is meant by salt string in master.passwd file(or any where)? Please let me know.



Thank you,
Balu

Matir 08-02-2005 12:41 AM
The salt string is added in to a password hash to make it harder to detect identical password. Under the original unix crypt (using DES), the salt was two characters, giving 4096 possible salts. This meant that two users with the same password would NOT have the same password hash (unless, by pure chance, they got the same salt). It's basically just there to avoid precomputed dictionary attacks and to make passwords hashable in multiple ways. MD5 passwords have an 8 character salt, which gives about 2.8 * 10^14 salts (which is, in itself, cryptographically huge).


All times are GMT -5. The time now is 08:32 PM.